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Editorial 

Gunther Feuereisen <gunther@ ibm.net> 

The first thing you might have asked when you 
saw AUUGN in the mail was "Where's the 
October issue?". The past few months have seen 
several changes on the Editorial board, including 
the farewell of Phil Anderson from the helm. 

In the ensuing chaos, we found that by the time we 
had figured out what was going on, October was 
long gone. So we decided to sail full steam ahead 
and bring out the value-packed bumper holiday 
issue - and that's what you hold in your hands 
right now! 

Amongst the changes, Matthew Dawson from the 
NSW branch of AUUG has joined the fray, along 
with Frank Crawford and Liz Egan, and yours truly 
at the wheel, we hope to bring fun packed 
adventures (or if not, some interesting reading) in 
future issues. Plans are already afoot for next year - 
look out for some changes in AUUGN in '97. 

Alas, Phil has had to move on, but I'd like to thank 
him on behalf of AUUG members for his work on 
AUUGN. If not for Phil's undertaking, AUUGN 
may have faded away into nothingness. 

So, sit back, pour yourself another glass of 
something bad-for-your-body and enjoy the issue! 

As it's the festive season - from all of us here, we 
hope you have a Merry Christmas and a happy 
New Year! 

See you in '97! ❖ 


President's Column 

Michael Paddon 

It can be argued that industry of ours requires a 
certain commitment, or even obsession, if you truly 
wish to succeed. Perhaps it is inherent in the 
exacting nature of the software business, where one 
misplaced detail can separate achievement from 
disaster. In any case, whether you are designing, 
building, explaining or selling, ours is a vocation 
that demands focus. 

Now, of course, a broad brush assertion such as this 
is best debated over a fine wine of some description. 


so please take this opportunity to equip yourself 
now before we proceed any further. 

Back again? Excellent, let’s forge ahead. 

In many ways, it is obsession that makes our 
industry tick over. It is from this motivation that 
springs the finely crafted code, and the urge to 
share our labours freely. Only a remarkable single- 
mindedness can explain the creation of an operating 
system in which everything is a file, or a global 
network built from a single protocol. 

It is this level of intent which produces the 
software that we all admire (a long list is 
available upon request...). But even more 
admirable is the immense purpose and energy 
displayed by the creators of the code we love to 
run; indeed, it is a quality that transcends 
technical merit and engineering philosophy. 

Let's make a leap of faith. We are all creators in 
our industry, each and every one of us. Sure, we all 
do different jobs, and sometimes our contributions 
are not as visible as those of, say, Dennis Ritchie or 
Larry Wall or James Gosling or [insert favourite 
icon here]. Nevertheless, we add a piece of 
ourselves to the world, and change it a bit in the 
process every day. Such is the beauty of out 
industry. 

As an aside, its is amusing to note that many of us 
would probably be doing what we are today, even 
if we didn't get paid. Don't tell my boss... 

So, what the hell is this reflection doing in an 
AUUG column? Well, quite simply, while we are 
all creative, obsessed and focused people, our dear 
old AUUG hasn't reflected our temperament. In 
fact, over the years AUUG has grown fat and 
complacent and, well, kind of comfortable. 

Let's not dwell on examples... I think you all know 
what I mean. 

The news is simple: this has all changed. It hasn't 
happened overnight, however. The AUUG 
executive has been working hard for over two years 
to re-orient our organisation, and to give it a good, 
old fashioned cold boot. 

The results are starting to be visible. We ran two 
roadshows in 1996: 

David Flanagan's Java tutorial and Danny Smith's 
security update. Both were well attended, and 
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generated enough income to enable us to plan three 
similar events next year. 

In addition, we ensured that every state and 
territory hosted at least one of these event. If you 
only got to see one, we truly regret it, but our 
geography makes visiting every chapter in two 
weeks a somewhat daunting task. In any case, we 
remain committed to servicing all of our members, 
throughout the country, to the limits of our 
abilities. 

This commitment is also reflected in a new venue 
for the Winter Conference. AUUG 97 will be held 
in Brisbane, breaking a Melboume-Sydney duopoly 
of almost a decade. Generating and substantiating 
the support to hold an AUUG conference in another 
state has been a personal goal of mine since election 
to the executive, and it is with great satisfaction 
that I make this announcement. 

Another indicator of our new aggressiveness is the 
theme of the conference: "Technical Solutions". It's 
time for AUUG to remember that it's raison d'etre 
is to support and articulate for the technical open 
systems community. Encouragingly, our sponsors 
have been very supportive of our newly found focus, 
feeling that a stronger technical AUUG will 
enhance their marketplace opportunities. 

Mark White and George Michaelson are already 
hard at work on the 1997 conference, as the 
conference chair and programme chair 
respectively. If you wish to volunteer your time to 
their endeavours, please don't hesitate to get in 
touch with them. Soon, also, you will be seeing the 
call for papers, and you will remember my 
statement that the best way to help out is to submit 
your work for consideration. 

Another sign of change you'll see is in the new 
editorship of AUUGN. Phil Anderson has 
performed a sterling job of recreating our journal to 
reflect the priorities of the current executive, 
without losing continuity with the AUUGN of 
yesteryear. The result is a leaner and meaner 
publication that will bear Phil's stamp for many 
years to come. 

To our deep regret, Phil has had to relinquish the 
editorship of AUUGN due to other commitments (I 
warned you about getting a life, didn't I?), and the 
role is being taken up by Gunther Feuereisen, 
starting with this issue. Thanks for everything, 
Phil. AUUG would have been a much poorer place 
without your efforts. 


As Gunther comes to grips with AUUGN, you will 
be seeing more changes again. The executive has 
already discussed the benefits of a quarterly 
AUUGN as opposed to the current two-monthly 
schedule. We would be most interested in any 
opinions you have around AUUGN, schedule 
related or otherwise, and I am sure that Gunther 
would be particularly encouraged by submissions for 
publication. 

There is no doubt that each of these changes that I 
have touched upon will upset some. I, and the 
AUUG executive, offer no apologies for this. Our 
organisation was running in grave danger of 
becoming less and less relevant to you, the members, 
and we have been forced to reassess why we exist 
and what we can deliver. 

If you feel a resonance with our goals, however; if 
you believe that a strong technical user group has a 
place to play in our industry for the betterment of 
the science of design, the engineering of code, the 
art of management and the plying of commerce, 
then we are grateful for you continued support. 

To round off my report. I'd like to touch upon some 
recent activities of interest. The AUUG Chapter 
Council is held once a year, and is a chance for all 
the regional groups to get together and do some 
combined planning. This year's council discussed 
several issues: how to stage interesting local 
meetings (and entice the you to attend), scheduling 
the Chapter Technical Conferences to allow an 
international visitor to be shared around the 
country and, inevitably, finances. 

AUUG has roughly the same level of assets as it 
had three years ago, however, in the intervening 
time we have set up the chapter system and been 
very effective at distributing funds for regional use. 
The upshot of this is that where we used to have 
one big bucket of money, there is now a number of 
smaller buckets. At the Council it was decided to 
combine these buckets back together again, with 
each chapter's funds still being accounted for 
separately, into a single pool. This will allow a 
much more effective use of funds, especially in 
respect to cash flow management and interest rates. 

Another event of recent note was the formal 
creation of ISOC-AU, the Internet Society of 
Australia, and the election of their board of 
management. AUUG has actively supported the 
establishment of ISOC-AU and we are enormously 
pleased to see this process bear fruit. AUUG sees 
ISOC-AU as a sibling body (indeed we share much 
the same membership, and many of the same 
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concerns) and we look forward to working closely 
with them to promote the Internet, open systems 
and the interests of our respective memberships. 

Last, but certainly not least, please allow me to 
draw you attention to the re-publication of John 
Lion's 6th Edition Unix book. This famous volume 
contains the entire source to 6th Edition as well as 
detailed notes and annotations explaining the code. 
The reprint also contains additional commentary 
from various well known writers, which add 
perspective to the original text. 

I could go on and on about the cool cover, etc, etc, but 
let's cut to the chase. Once upon a time you had to 
scrounge a 5th generation photocopy to own one of 
these. Now you can buy a legitimate copy of this 
piece of Unix history, and it won't get all dog eared 
and fall apart. What are you waiting for? 

You're waiting for the 15% discount AUUG has 
arranged of course. Check out this issue of AUUGN 
or get in touch with us for more information. 

Finally, on behalf of AUUG, I'd like to wish you a 
safe an enjoyable holiday season. See you all next 
year! ♦> 
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The AUUG Technical Conference Sorlee will be held Australia wide in every state and territory, between February and April 
1997 with the following dates confirmed: 


• Canberra 12-14 February 

• Hobart 19 February 

• Perth TBA 


• Sydney 20-21 February • Melbourne 25-26 February 

•Darwin 17-19 February ‘Brisbane 24 April 

• Adelaide TBA 


Dates for Perth and Adelaide are currently being confirmed and as each city finalises their date, it is being posted on the AUUG 
web page at http://wwwLauug.org.au along with further information. 

AUUG invites proposals for papers and tutorials relating to the technical aspects of Unix and Open systems. 

Presentations may be formatted as tutorials or technical papers, and should be geared at an audience requiring in-depth knowl¬ 
edge. 

Technical presentations should be approximately 45 minutes, including a 5-10 minute question time. 

Tutorials, providing a more thorough presentation, should be either a half-day or a full-day in duration. 

Submission Guidelines 

Those proposing to present papers should submit an extended abst r act (1-3 pages) and a brief biography. 

Those submitting tutorial proposals should submit a plan for the tutorial and a brief biography. 

Please indicate on your proposal whether it is a paper or tutorial, and for tutorials whether they are half day or full day. 
Location 

The conference series will be held Australia wide, so please indicate in which city you wish to present - however, you can do so 
in more than onell 

Speaker Incentives 

Presenters of papers are afforded complimentary conference registration. 

Tutorial Incentives 

Tutorial presenters will receive either a flat fee or a negotiated percentage of their tutorial profit 


For further information or to submit a proposal please mail: 

AUUG Inc, Level 4, 90 Mount Street, NORTH SYDNEY NSW 2060 

Email: auug@auug.org.au 
http://www.auug.org.au 


Ph: 1-800-625-655 











Formation 
of ISOC-AU 

Frank Crawford 

Australia is about to enter a new era as far as the 
Internet is concerned. On the 15th November, the 
Internet Society of Australia (ISOC-AU) was 
formed, and more importantly, their Inaugural 
General Meeting will be held in Sydney on 
Wednesday 27th November, at the Haymarket 
Campus of UTS. In fact, this is not far from where 
the Interop Exhibition is being held. More details 
of the IGM can be found on the society’s web page at 
http://www.isoc-au.org.au/. 

Why is this important? It allows Australia to 
have a much bigger say in the structure of the 
Internet world-wide. As far as any group on the 
Internet can be said to control the Internet, the 
Internet Society is the governing body, and ISOC- 
AU is a chapter of the world-wide body. 

The roles of the Internet Society are varied, but 
primarily to maintain and extend the development 
and availability of the Internet and its associated 
technologies and applications. It does this by 
managing the standards process, including Internet 
RFC's, conference and general dissemination of 
information. 

It is notionally the source of authority for Internet 
domain names, although they do not really 
exercise this authority, preferring to delegate it to 
other groups. This has some relevance to the 
current debate on domain names within Australia, 
however, ISOC-AU has no intention of being 
involved in this at the present time. 

What ISOC-AU is more interested in is in 
establishing an body that represents the Internet 
users in Australia, be they individuals or 
organisations, both nationally and overseas. 
While there are a number of organisations that 
represent different parts of the Internet community, 
be they service providers, system and network 
administrators or the general users, there is no 
organisation that attempts to represent them all. 
This is the aim of ISOC-AU. 

ISOC-AU currently only accepts individual and 
student members, and fairly obviously, is attracting 
most of the influential people in the Internet scene 


in Australia. These include Geoff Huston, Hugh 
Irvine and Bob Kummerfeld who have acted as the 
founding board guiding the organisation through to 
the Inaugural General Meeting. 

As well it has the declared support of AUUG, 
SAGE-AU, ACS and the major ISP's within 
Australia. All these groups can see the advantage 
of the formation of ISOC-AU, as a means of 
focusing the Internet work within Australia and to 
provide access to the wider global Internet 
community. 

Founding membership is currently available, and 
will be until the IGM, on the 27th November. As 
well, a call for nominations for the initial Board of 
Directors has gone out, and is open to anyone who is 
a member by the time of the IGM. For those who 
aren't able to join before the 27th, membership will 
be available at UTS, just prior to the IGM, or at the 
ISOC-AU booth in the Interop Exhibition. 

More information about the formation of ISOC-AU 
can be found on their Web page, http://www.isoc- 
au.org.au/, which includes the details of 
membership, a list of the current nominations for 
directors, and other information relevant to the 
organisation. 

As a final note, ISOC-AU is keen to involve as 
many people as possible, with plans for those not 
able to physically be at the IGM, to be able to 
participate from regional centres, over the Internet. 
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On Tour: 

Security Seminar 

Lucy Chubb 

Danny Smith, Operational Manager of AUSCERT, 
is certainty someone whom you would expect to 
know what he's talking about when it comes to 
computer security. Over 150 people around 
Australia came to hear Danny give his one day 
tutorial during November on a tour of various 
capital cities organised by AUUG. 

In Sydney, his fifth presentation in this series, 
Danny took the absence of a carousel on the 
projector in his stride and spoke directly from the 
printed notes until morning tea. 

Danny talked about the nature of security and some 
common misbeliefs such as putting effort into 
countering accidental threats while not bothering 
as much about deliberate threats or the belief that 
a firewall by itself will make a network secure 
without worrying about other aspects of security 
(the "hard crunchy shell with a soft chewy 
inside"). 

An overview of the changing nature of security 
incidents reflected the changes in the size of the 
Internet and the type of users making up the bulk of 
that increase. There are many new users and new 
sites which don't have any security experience. 
Moreover, intruders have been working on new and 
more sophisticated attacks and communicating 
them amongst their peers very effectively using, 
for example, anonymous ftp servers. Some very 
sophisticated attacks based on the analysis of 
operating systems source code and standard Internet 
protocols are now being seen. 

Effective security requires a security policy. That 
security policy has to have the right things in it 
and be tested (all software has bugs the first time 
it's run, doesn't it? Why should the security policy 
be different? Do you really want to find out what 
you should have done after a disaster happens?). 
Even if the policy is right for your company at one 
time, that doesn’t mean it will stay that way. The 
policy must make it a policy to update the policy 
regularly. 

Having the right things in a policy will mean 
being able to evaluate the risks that affect your 
site properly. Some risks, like the value of (and 


hence the risk of losing) reputation through being 
broken into are very hard to quantify. For 
AUSCERT, for example, that reputation is almost 
priceless. 

One of the drawbacks of password based 
authentication is ensuring that the chosen 
passwords cannot be easily cracked. The total key 
space for UNIX is quite large, but often only a tiny 
part of it is used - making it easy for intruders to 
search. However, there are tools to help enforce 
good choice of password and alternatives such as 
identity cards and biometrics (for example, finger 
prints or retinal scans). Combining more than one 
technique strengthens security further. 

There are a number of system administration tools 
that are not shipped by vendors, but which may be 
useful for increasing security or tracing an intrusion. 
Danny went through a number of these and 
described their use (being careful to point out that 
the risk from using them rests with the 
organisation that decides to use them). 

The sections on checking for intruders and 
responding to an incident gave advice on what to 
look for when an intruder is suspected and what to 
do (particularly as it is easy to panic and do 
something inappropriate which will make the 
recovery process take longer than it really needed 
to). AUSCERT plays a role in both preventing 
intrusions through Security Advisories and in 
assisting with a response. Anyone interested in 
what AUSCERT does and how to register can have 
a look at their web page at 
http://www.auscert.org.au/ 

At the end of the tutorial Danny left time for 
questions and judging by the response from the 
attendees at the Sydney tutorial, the question time 
could have gone on for quite a bit longer if time 
hadn't run out. 

This has been another successful tutorial roadshow. 
Danny is committed to spreading the word about 
computer security, so when you see his name again 
in the future, you should seriously consider going to 
hear him. ♦> 
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Danny Smith at the Security Seminar. 


Danny Smith again. Somethings tells methe guy in 
front row would rather be somewhere else.. 










Pauline Van Winsen, Lucy Chubb (AUUG Exec) and Danny Smith looking rather angelic 


Morning Tea at the Security Seminar. Looks like Frank's preferred cookie of choice is choc-chip! 
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Standards groups 
do not stand still 

Phil McCrea 

It's interesting to watch the current machinations 
in the so-called ’open' industry consortia groups. 
There are not so may of these organisations these 
days as there used to be back in the heady days of 
the Unix wars. Remember the Unix International 
(UI) v Open Software Foundation (OSF) wars, so 
beloved by the press? These skirmishes almost 
single-handedly delivered the desktop to 
Microsoft, as the opposition was fragmented and 
bent of demolishing each other. Microsoft didn't 
have to adopt a divide-and-conquer approach - the 
opposition came up with it themselves.! 

As time moved on and Unix became accepted as 
'mainstream', gradually UI and OSF ran out of 
puff. They merged to form the Open Group earlier 
this year, and in fact their new Chairman, Joe de 
Feo, took up the helm a few weeks ago. De Feo is 
the ex chief IT manager from Barclays bank. 

The X Consortium, based at MIT was another open 
organisation, whose mission was to promote and 
develop the X interface standards, which forms 
the basis of windowing environments on Unix 
workstations. It was hoped at one stage that X 
might become a true, vendor independent 
windowing environment for all workstations and 
PCs. Alas, whilst X is still alive and well, it has 
largely been overwhelmed by the sheer market 
penetration of the Web. The X Consortium has 
decided to call it a day, and it will join the Open 
Group by the end of the year. 

The other remaining open organisation which has 
been around for some time is the Object Management 
Group (OMG). Since the topic of objects is still a 
hot area, there is still a fair sized agenda for 
OMG. And its agenda has become a little bigger in 
the past month or so, courtesy of Microsoft. 
Microsoft, of course, has been the bete noire of the 
'open' world, choosing to establish its own 
standards and interfaces, and publishing enough 
material to enable third party developers to create 
programs that work with their software. 

Microsoft has used a plethora of terminology to 
describe its interface standards, such as Object' 
Linking and Embedding (OLE), Common Object 


Model (COM), Distributed Common Object Model 
(DCOM), MAPI and ActiveX. ActiveX is the most 
recent term and was supposed to encompass OLE and 
the others. In a surprise move several weeks ago, 
Microsoft decided to hand ActiveX technology over 
to The Open Group. The Unix standards body now 
embracing Microsoft standards? 

There are several intriguing aspects to this move by 
Microsoft. 

Firstly, it's worth noting what a little healthy 
competition from Java can do! 

Secondly, it has created an interesting political 
situation between the Open Group, and OMG. 
OMG have been promoting its Corba architecture as 
the basis of distributed objects, and virtually every 
software vendor has pledged allegiance. ActiveX, 
however, is not fully compatible with Corba, and 
this creates the interesting political situation 
where the Open Group and OMG are now 
supporting incompatible object standards. 

Not surprisingly the non-Microsoft world, led by 
Oracle, has reaffirmed its allegiance to Corba, 
which forms the basis of its Network Computer 
Architecture, which a host of hardware and 
software vendors are supporting. 

The third interesting aspect is that a recent issue of 
Client Server News reports that Microsoft is 
having second thoughts about handing its crown 
jewels over to a standards body! Microsoft has 
declared that OLE is apparently not now of 
ActiveX, and hence OLE will not actually be 
included in the material that will be handed over 
to the Open Group. How the Open Group reacts to 
this will be interesting. 

It is still the case that the term 'standards' and 
'politics' are largely synonymous when it comes to 
industry bodies. Stay tuned. ♦> 
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Searching for 
needles in haystacks: 
an Internet detective 
story 

Pauline van Winsen 

Earlier in the year the router, the device which 
connects our company network to the Internet, 
started reporting that it was receiving data in the 
form of packets from the Internet which claimed to 
be from a host on our internal network. Sending 
packets to a site with a source IP address of a host 
at that site is known as IP spoofing and generally 
means someone on the Internet is up to no good. 
Many hosts on the Internet use source IP addresses 
as a means of authentication. If you can forge 
packets with a source IP address of a host local to a 
network from the Internet you may gain access to 
services which are supposed to be restricted to the 
local network. 

At first the packets were thought to have a 
malicious intent as my company does a lot of 
Internet security related work and the packets 
started appearing on April Fool's Day. Our 
Managing Director with his notorious sick sense of 
humour had also announced our own WWW server, 
http://www.uniq.com.au on the 1st April and it 
was thought all these factors might be related. 
How wrong one can be? 

When we started receiving packets from the 
Internet from not just one but six different hosts, 
concern mounted. By this time I was running reports 
on the router violation logs a few times a day and a 
pattern started emerging. The violations appeared 
mostly between Australian Eastern Standard Time 
business hours. I started to suspect someone, I'll call 
them "Company X" from now on, out on the Internet 
had picked our IP address out of the air and had 
started using our IP address on the Internet. 
Company X was probably wondering why their 
network was performing oddly. If they were using 
our IP address all their packets would wind up on 
our router as this is where the Internet road-map 
sends packets destined for our IP address. If 
Company X managed to convince an Internet service 
provider to change the Internet road-map to point 
our IP address to their router, our legitimate traffic 
would be sent to their site. This would be disastrous 


for our business and presumably this problem was 
already impacting Company X business as well. 

connect.com.au, our Internet service provider (ISP), 
were asked to investigate the packets and 
unfortunately they told us the packets were coming 
from outside of the connect.com.au network, most 
probably from a Telstra Internet customer or a 
customer of an ISP connected to Telstra Internet. 

A call was then logged with the Australian 
Computer Emergency Response Team (AUSCERT). 
AUSCERT respond to computer security incidents 
within Australia and are an invaluable resource for 
any organisation connected to the Internet in 
Australia. The AUSCERT staff were supportive but 
said the nature of the packets made it near 
impossible to trace, much like looking for a needle 
in a haystack. 

Luckily we had pretty sensitive magnets and a lot 
of help, as it turned out, from Microsoft. The 
packets were SMB broadcast packets, the type 
flying around most networks running Microsoft's 
standard LAN Manager network implementation. 
One of my colleagues mentioned that there was a 
version of the popular ethemet snooping program, 
tcpdump, which decoded these packets. I quickly 
found the modified tcpdump source code on an ftp 
site on the Internet. We gave a resultant modified 
tcpdump binary to connect.com.au with instructions 
and waited. A few days later we obtained a log of 
decoded SMB broadcast packets destined for our 
network. The decoded SMB packets contained user 
information and a company name. In fact, 
everything but the draft company report. 

I used the Yellow Pages web server, 
http://www.yellowpages.com.au to look up the 
company name in order to find a phone number. I 
was desperately hoping Company X would be based 
in Australia. It must have been my lucky week as I 
found one company in Sydney which matched the 
company name. 

It was really comforting to ring Company X and 
find the person who answered the phone was one of 
the users mentioned in the decoded packets. 
Company X was using our IP addresses because they 
had pulled our IP address out of the air when they 
set up their network some years in the past. 
Company X believed they had security 
mechanisms in place to stop traffic leaving their 
network for the Internet. Company X have since 
altered their network topology so that we no longer 
see their traffic. 
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What did we learn? We learnt that it is quite 
expensive when someone does the wrong thing on 
the Internet however innocently. Tracking this 
problem down cost our company time and resources. 
We learnt that seemingly innocuous services leak a 
lot of company information. We hope that 
Company X has learnt that it is extremely unwise 
to use IP addresses which are not registered or 
which belong to some other site. If Company X had 
misconfigured other Internet services, such as 
electronic mail, we could have started receiving 
other traffic which should have remained internal 
to their network. 

We learnt that it was valuable to have responsive 
technical staff at the ISP as well as having 
technical resources in house who could understand 
and deal with the problem. We learnt that 
registering with bodies like AUSCERT and 
adhering to AUSCERT advisories was of immense 
importance. We would never have realised we had 
a problem had the AUSCERT recommended anti 
IP-spoofing filters not been in place on our router. 
AUSCERT registration information can be obtained 
at http://www.auscertorg.au 

If you are planning on joining the Internet, make 
sure you understand the risks, make sure you 
understand your own network topology, make sure 
you register with AUSCERT and make sure you are 
using your own registered IP addresses or are using 
RFC 1918 addresses behind a firewall. RFC 1918 
lists a large number of IP addresses which are never 
to be routed on the Internet, and thus can be safely 
used on internal networks with no direct Internet 
connectivity. A searchable RFC index can be found 
at http://www.es.rutgers.edu/cgi-bin/rfc. 

Given the number of sites which are using 
unregistered IP addresses I have seen during the 
course of my work, I can only assume our problem is 
apparent all over the Internet. If it happens to your 
site good luck in tracking it down. If your site is 
using unregistered IP addresses please rethink your 
network topology for your own security and for the 
sanity of the poor site administrator whose IP 
address you have stolen. •> 

The author , Pauline van Winsen, is a Senior 
Technical Consultant for Uniq Professional Services 
and serves on the AUIIG executive committee. She 
can be reached by sending email to 
pauline@uniq.com.au. 


Scientific computing: 
A forgotten 
discipline? 

Brian Salter-Duke 

Phil McCrea's comment in his the AUUG 
Newsletter, AUUGN, 

"Very few computers are used for number 
crunching these days - 

possibly only supercomputers, and the odd 
spreadsheet calculation" 

... is so far off reality that I am beginning to think 
there is a conspiracy to drive us poor scientific 
computing folk out of the computing world by 
pretending we do not exist. After all, the ACS has 
ignored us for years and now seems to think 
computing is just a branch of business management. I 
thought AUUG would know better. 

It is wrong in two ways. First, lots of computers are 
used for number crunching. Second, they are not only 
supercomputers. Most number crunching these days 
is done on UNIX workstations. 

I have used the ANU Supercomputer and may use it 
again, but I do not use it now. Last year, three 
colleagues and I obtained a DEET Infrastructure 
grant that has purchased two DEC Alpha 
3000/800s. Both are now flat out number crunching. I 
also have a small IBM RISC 6000 and access to a 
larger university one. I often drive these hard 
crunching numbers. My field is computational 
chemistry and it is a rapidly growing field. In the 
US the number of graduates employed in this area 
has been growing exponentially for 10 years. Most 
are in industry. Many workstation vendors have 
specifically targeted this group in their sales 
material. Computational chemistry does include 
some symbol manipulation and some CAD-like 
graphics, but it uses lots of CPU hours crunching 
numbers. Most of it is done on workstations. Some is 
done on fast PCs (you should have seen the fuss in 
our community about the pentium floating point bug 
- it matters). The supercomputer is often the last 
resort for really big tasks. Computational 
chemistry is just one of the activities that is still 
happily crunching numbers. What about 
environmental modelling, weather forecasting etc. 
All these activities are growing, not declining. The 
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very complex modelling of all aspects of our 
complex world will show a vast expansion in the 
next few decades. 

The move here to workstations from mainframes 
and supercomputers has implications for AUUG. 
People like me are now also system administrators 
and 

we need to know a lot more about the operating 
system than we did 20 or more years ago (I go back 
35 years to Mercury Autocode!). The operating 
system is now almost always UNIX. 

While the major of PCs are text manipulators, I 
estimate a majority of workstations spend a 
significant part of their time number crunching. The 
people who run them need the support of AUUG. 
Just my $0.02 worth. ❖ 

Brian Salter-Duke, is from the Northern Territory 
University and can be reached on 
b__dnke@lacebark.ntu.edu.au. 


AUUG 

Key Signing Service 

Pauline van Winsen 

At the AUUG96 and Asia Pacific World Wide Web 
Conference held in Melbourne AUUG was pleased 
to announce the provision of a new public service: 
signing PGP public keys for the purpose of 
introducing people to the PGP "Web of Trust" in a 
simple and convenient manner. 

There is a publicly, and internationally, available 
privacy program called PGP, Pretty Good Privacy. 
PGP uses public key cryptographic techniques to 
allow messages to be exchanged between people 
across public networks, while both protecting the 
privacy of the contents and guaranteeing 
authenticity of the sender. 

One of the problems with public key cryptographic 
systems has been one of authentication. How do you 
know, for sure, that the person you think you are 
sending secret messages to is really the person you 
wanted to send it to? The answer to this problem is 
to have trusted parties who introduce you to other 
trusted parties. This is what the PGP 
documentation calls the "Web of Trust". 

The AUUG PGP key signing service aims to spread 
the use of PGP technology by expanding the Web of 


Trust, acting as an introducer for PGP keys. AUUG, 
by virtue of the conferences and meetings it holds, 
is in a position to physically meet with people, 
verify their identity, and issue key signatures 
attesting to their identity. 

To reverse the preparation of key signing AUUG 
created some "shared secrets" which were given to 
people who turned up at the AUUG stand at the 
AUUG96 conference, providing the person had 
filled out an appropriate form and had produced 
two forms of identification (one with a 
photograph). When a holder of a shared secret 
creates a PGP key they will send the public part of 
this key along with their half of the "shared 
secret" in encrypted form via email to AUUG 
signed with their PGP key. If AUUG verify all the 
information they have sent is correct AUUG will 
sign the and return the key via email. 

So what do you have to sign on the form? You state 
that you are who you say you are, and indemnify 
AUUG from liability if you have misrepresented 
that. You agree to notify AUUG if you revoke (or 
lose control) of your own key. 

When you come along to a future AUUG event or 
local AUUG Chapter activity, sign the form, 
obtain a secret and thus organise to have your PGP 
key signed. Don't forget to bring two forms of 
identification with you.- Make sure one of these 
forms of identification includes your photograph. 
More information about the PGP key signing service 
is available at http://www.auug.org.au Future 
PGP key signings will be available at local 
Chapter activities and subsequent AUUG events. 
Please contact your local Chapter for more 
information. ♦> 

AUUG acknowledges the USENIX Association , 
whose service this is based on, and the assistance of 
Qualcomm Australia in implementing the service 
and providing materials. 

How Do You Make 
Use of Petaflops? 

Frank Crawford 

While Australians have trouble trying to work out 
how to make full use of a Pentium Pro, and 
Australian industry considers a fast workstation to 
be the fastest computer they need, American 
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BOOK NEXT TO YOUR COMPUTER 


It’s the O’Reilly 


. Java 
ill a 

Nutshell 


THE BEST TOOL 

FOR PUBLISHING ON THE WEB? 


V Ve write books that help you master Internet publishing and programming topics, going above: and beyond 
mere mechanics. Our books explore subjects'in-depth and are written and reviewed by experts. Next time you 
encounter a problem, reach for the solution that doesn’t require bits or bytes or RAM. Reach for an O’Reilly book. 


PROGRAMMING PERL, 2ND EDITION 
By Larry Wall, Tom Christiansen & 
Randal L. Schwartz 
ISBN 1 -56592-149-0, $79.95 

The authoritative guide to Perl—the 
scripting utility now estabbshed as the 
World Wide Web programming tool of 
choice. The book is coauthored by 
Larry Wall, the creator of Perl 


WEB CLIENT PROGRAMMING 
WITH PERL 
By Clinton Wong 
ISBN 1-56592-214-X, $59.95 
Due Date: 12/96 


JAVA IN A NUTSHELL 
By David Flanagan 
ISBN 1-56592-183-6, $39.95 

This comprehensive volume contains 
descriptions of all the Java classes and 
their related calls and introduction 
ro important Java concepts. : 


WEBMASTER IN A NUTSHELL 
By Stephen Spa inhour & 
Valerie Quercia 
ISBN 1-56592-229-8, $39.95 

This quick reference covers HTML, 
CGI, Perl, HTTP, server configuration, 
and tools for Web administration. 


Teaches you the basics of how browsers 
communicate with servers and how to 
write your own customised Web clients 
to automate common tasks. 


GETTING CONNECTED 
By Kevin Dowd 
ISBN 1-56592-203-4, $59.95 


UNIX SYSTEMS PROGRAMMING 
FOR SVR4 
By David A. Curry 
ISBN 1-56592-163-1, $69.95 


USING & MANAGING UUCP 
By Ed Ravin, Tim D'Reilly 
Dale Dougherty & Grace Todino 
ISBN 1-56592-153-4, $59.95 

Using & Managing UUCP describes, in 
one volume, this popular communica¬ 
tions and file transfer program. UUCP 
is very attractive to computer usets with 
limited resources, a small machine, and 
a dial-up connection. 


DNS & BIND, 2ND EDITION 
By Paul Albitz & Cricket Liu 
ISBN 1-56592-236-0, $65.00 
Due Date: 1/97 

This book is a complete guide to the 
Internet's Domain Name System and the 
Berkeley Internet Name Domain soft¬ 
ware. This second edition covers Bind 
4.8.3, which is included in most vendor 
implementations today, as well as Bind 
4.9.3, the potential future standard. 


A complete guide for businesses, 
schools, and other organisations who A comprehensive look at the nitty gritty 
want to connect their computers to the details on how UNIX interacts with 
Internet. Covers everything you need to applications. If you’re writing an appli- 
know, from helping you figure out cation from scratch, or if you're porting 

which services you really need, to an application to any System V.4 

providing down-to-earth explanations of platform, you need this book, 

telecommunication options. 


DISTRIBUTED IN AUSTRALIA BY WOODSLANE PTY LTD 
Phone (02) 9970 5111 Fax (02) 9970 5002 Email fechbooks@woodslane.com.au 
P0 Box 935 Mona Vale NSW 2103 



















researcher's are looking at developing computers 
that run at Petaflop rates. 

To understand this, 1 Megaflop is one million 
Floating Point Operations per second, and is the 
standard measurement used in high performance 
computing, where floating point calculations are 
far more important than a simple count of machine 
instructions (MIPS). Further, there is no general 
relationship between MIPS and FLOPS, as the this 
is very dependent on the machine architecture. 

Put in more common terms, a 200MHz Pentium Pro 
has been rated at 13.733 Mflops, while a 120MHz 
Pentium has been rated at 3.121 Mflops. Looking at 
more powerful machines, a Fujitsu VP2200, a 
supercomputer of five years ago, had a rating of 
about 25 Mflops in scalar mode and 1.25 gigaflops 
(Gflops) or 1250 Mflops. ANU's new VPP300 has 
thirteen 2.2 Mflops processors, giving a 
theoretically maximum performance of 28.6 Gflops. 

Taken even further, the US Grand Challenge 
problems require systems that are capable of 1 
teraflops (Tflops) or 1000 Gflops. Now, researchers 
are planning systems that will run at 1 petaflops or 
1000 Tflops. If all this power could be harnessed 
for a single job, then it would be able to perform the 
equivalent of 2 years of calculations on a Pentium 
Pro in a single second. 

However, in reality, this is not how such a system 
would be used. For a start, such performance is only 
achieved through the use of massively parallel 
architectures. It is estimated that a petaflops 
system would require over 10,000 processors, and 
the complexity of programming such a system 
makes it unlikely that the theoretical maximum 
could be sustained for very long. 

Even more importantly, it would be very rare that 
a single job would have access to the entire 
resources of such a system, rather a number of 
researchers would have access to a subset of the 
resources. As an example, while in exceptional 
cases it may be possible to get access to all thirteen 
processors on ANU's system, the most made 
available for normal jobs is only 8, and for certain 
classes of jobs, only a single processor. 

Now of more interest in the use of such systems, is 
the issue of programming. As has previously been 
demonstrated with such systems as Thinking 
Machine's CM2 and CM5, programming massively 
parallel systems is a complicated process, and only 
suitable for a limited range of problems. 
Programming these systems will be performed by 


specialists, who will aim to get the maximum 
advantage from the use of the architecture and 
design of the entire system. 

The architecture of the petaflops system is just as 
complicated as the details of the individual 
processors. The problem of keeping data flow up to 
the system, either from RAM or from even slower 
peripherals, will provide challenges both for 
hardware designers and programmers. Consider 
how fast a Pentium would run if it had no RAM, 
and all data access was directly from the hard 
disk. 

Even more of a problem is the issue of 1/O data rate 
for those using the system. Imagine how much data 
can be generated on a PC in two years, and then 
compress that to one second. Presented in a 
traditional form it would certainly be an 
information overload, and hence, new presentation 
mechanisms will need to be explored. 

Finally, such a system is unlikely ever to be seen in 
Australia simply because of the cost. When most 
corporations can fulfill all their needs with a 
powerful workstation, and those that need a bit 
more power are usually part of a multinational, 
and can use the bigger systems of their overseas 
parent, none are likely to invest in such computing 
power here. ❖ 

How to Handle 
Spamming 

Catherine Allen 

One of my favourite things in the world is email: 
what better medium to say hi to a friend or to share 
important work-related information? Email is the 
keystone of the paperless office and the tele¬ 
commuter's life-line - I think it's the best things 
since sliced bread! Unfortunately, I'm not the only 
one who thinks so - hordes of marketing wannabes 
see email as a great way of reaching thousands (or 
millions) of people at almost no cost to themselves. 
In cyberspace, this sort of email is known as 
"spam". 

What's so bad about spam? 

Firstly, many Internet Service Providers (ISPs) 
worldwide charge by the amount of information 
received, so the receiver of the spam pays for it, 
even though they didn't want it! Secondly, it's 


16 


AUUGN: The Journal of AUUG Inc. 



very difficult to hang an effective "no junk mail" 
sign on your electronic mailbox. 

Thirdly, and perhaps most importantly, most 
spams are not the innocent glossy brochures you find 
in your mailbox on a Saturday - they're often make- 
money-fast scams or highly offensive rhetoric. The 
most recent spam I received was an offer to sell 
child pornography. 

So how can you protect yourself (and your loved 
ones) from the evil of spam? 

1. Check that your ISP’s Acceptable Use Agreement 
includes penalties for 

Internet abuse like spams. 

2. Check out the filtering capabilities of your 
mailer. If it doesn't have any, 

look into getting a mail filter. 

3. Many automated address collectors use 
newsgroup archives to gain address 

lists, so if you post to news, use an email address 
like "NO_JUNK_MAIL@any where" or 
"John.Doe@anISP.net.au@remove. this.to.email.m 
e". 

These invalid addresses may fool the automated 
address collectors but 

(hopefully) won’t fool real people who want to 
contact you. 

What should you do if you receive a spam? 

1. Do not reply to the sender - spammers often fake 
the return address. 

Do not send email "bombs". 

Do not make a denial-of-service attack against 
the address or site where 
the mail appears to have originated as these may 
be fake. 

2. Check that your mailer is showing all possible 
email headers. 

Lines which start with the following keywords 
give clues about the 

identity and location of the spammer (although 
some may be faked): 

From: 

Sender: 

X-Sender: 

Reply-To: 

Errors-To: 

Return-path: 

Path: 

Received: 

3. Make a list of all hostnames and domains 
mentioned in the headers and 


the body of the message. 

4. Contact your system administrator (or the help 
desk of your ISP) with 

this list. They can use this information to contact 
the spammer's ISP, 

which will hopefully deal with the spammer in 
an appropriate way. 

5. If the spam continues, post a copy with full 
headers to the newsgroup 

news.admin.net-abuse.misc 

If the spam includes references to pornography or 
other illegal activity (like pyramid scams or chain 
letters), it may be worthwhile suggesting that your 
ISP contacts the Australian Federal Police about 
the matter. ❖ 

For more information, please see 
http://kryten.eng.monash.edu.au/gspam.html 

Internet security - 
what technology 
can't solve! 

Pauline van Winsen 

In the last few months there have been a raft of 
newly exploited Internet attacks. Some of the 
attacks aim to destroy or ruin an organisation's 
reputation by altering their web pages. This attack 
was successful against both the CIA and the US 
Department of Justice. Other attacks are based 
purely on denying service to an organisation by 
flooding their site with particular packets. This 
last attack is known as a "SYN" attack and has 
been used to put Internet Service Providers off 
the air. 

The latest version (8.8) of sendmail, the popular 
implementation of the mail transport protocol, was 
released complete with a major security 
vulnerability. Unfortunately, another security 
vulnerability was found in the patched release so 
this was replaced shortly after by sendmail-8.8.2. 

These three separate attacks highlight the many 
issues owning an Internet presence which 
technology fails to address. These issues include: 

- Cost of ownership - an organisation has to invest 
resources in making sure their security technology is 
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up to date. History has shown that as soon as one 
vulnerability is closed, another one will be found. 

- The risks of extending trust to an Internet Service 
Provider - how secure is your ISP's web site and can 
you be confident about the integrity of your 
organisation's web pages? 

- What is secure today will probably be insecure 
tomorrow - what processes does your organisation 
go through to ensure that the Internet technology is 
resistant to known attacks? 

- Intruder detection and incident response - How 
does your organisation know when it has suffered a 
security breach and how does it respond when a 
breach is discovered? 

Unfortunately many of the decisions surrounding 
these issues are not addressed at all or are left to be 
solved by systems administrators, external 
contractors or security technology vendors. These 
people will no doubt have the organisation's best 
interests in mind, however they may not be aware 
of all the requirements to protect data and 
infrastructure. Typically they do not address legal 
requirements to protect information. 

It is also an unfortunate fact that many 
organisations do not invest in developing policies 
and procedures to address non-technical security 
issues until they have been successfully attacked. A 
recent survey has also shown that many 
organisations also are attacked by insiders. 

However, there are a large number of steps an 
organisation can take to minimise the risks of a 
successful attack: 

- Assessing the risks involved with having an 
Internet presence. 

- Developing a site security policy and incident 
response plan. 

- Providing adequate training and backup for key 
personnel. 

- Ensuring that key personnel are kept up to date 
with security vulnerability information. E.g. by 
reading security related mailing lists. 

- Registering with a body such as AUSCERT, the 
Australian Computer Emergency Response Team, 
which can provide invaluable help with incident 
response as well as detailed information on 
defeating known vulnerabilities. 


One of the best resources for computer security 
related material on the Internet can be found at 
http://www.cs.purdue.edu/coast/. COAST is 
Computer Operations, Audit and Security 
Technology, a multiple project, multiple 
investigator laboratory in computer security 
research. 

The O'Reilly & Associates books, 'Building 
Internet Firewalls' by Chapman & Zwicky and 
'Practical UNIX and Internet Security' by 
Garfinkel & Spafford provide invaluable 
references to anyone involved in the computer 
security field. ❖ 

Modern Operating 
Systems Unleash 
Pentium Hardware's 
Power 

Rob Kolstad 

President of Berkeley Software Design, Inc . 

Too often, users install shiny new computer systems 
whose processors run twice as fast as their old 
systems only to find that their applications run just 
a bit faster than before. They install more RAM, 
more disk, more swap space yet still find marginal 
improvement. 

Intel Pentium systems and the new Pentium Pro 
systems have incredible computing power that can 
be unleashed by modern operating systems. 
Clocking in at 100 and 200 MIPS respectively, users 
can harness these engines to deliver incredible 
performance for networking, file serving, and other 
applications. 

Why do users so often observe less than dramatic 
speedups? Because their operating systems are not 
optimized for performance. The popular Microsoft 
operating systems are optimized for backward 
compatibility, ease of new device addition, and for 
use by novices who make problems when they 
power down the computer while it is running, for 
instance. This eliminates certain strategies which 
can improve performance. Likewise, generic device 
drivers rob systems of their power. Backward 
compatibility adds overhead every time the 
system is used (for instance, for input/output or 
networking). 
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Alternatively, operating systems written in the 
style of UNIX provide astounding performance. 
Device drivers are optimized to achieve maximum 
throughput, disk operations are conserved by 
keeping often-used disk blocks in memory, and 
system services are streamlined to offer the best 
possible performance. 

So what does 'written in the style of UNIX' imply? 
It means that: 

- All vendors have an opportunity to create 
blazingly fast applications (unlike Windows 
systems where Microsoft uses certain undocumented 
Windows NT features to speed their Web server). 

- Users can purchase hardware at the level they 
need, without buying extra power they can never 
harness. 

- Off-the-shelf PC's can fill roles normally 
reserved for their far more expensive workstation 
cousins. 

By way of example, my company's BSD/OS 
operating system, when operating on a Pentium-Pro 
processor (200 MIPS), can serve web pages at the 
rate of over 43,000,000 per day! This hardware 
costs about A$7,500. Of course, a web server running 
that fast requires a 45,000,000 bit/second line — 30 
times faster than the high speed T-l lines that run 
at 1,540,000 bits/second (just under 200,000 
bytes/second). 

When operating on an off-the-shelf P5/133 
processor, the BSDI-based server fulfills over 
1,200,000 HTML requests per hour, over 28 million 
hits/day. 

How do these systems deliver such incredible 
power? They implement the wisdom of 25 years of 
operating system development. 

When a web page is used with any frequency at all, 
it is kept in high speed RAM. Likewise, disk 
blocks. Disk device drivers are written to squeeze 
every nanosecond out of the critical code that 
determines which block to read 
next. By saving revolutions of the disk and 
'chaining' operations quickly, BSD/OS can run new 
high-speed disks at their full 5 MB/second 
capacity. That's 50 times faster than the mid- 
1980's when 0.1 MB/second was considered high¬ 
speed. Processors are also 50 times faster. This 
balance, when coupled with ever-growing and 
ever-cheaper RAM (4x cheaper than one year ago). 


enable super-servers to be constructed from 
commodity-priced run-of-the-mill PCs. 

Good software can make all the difference. 
Consider all the options before opting for expensive 
servers from workstation companies. High-end (but 
low cost) Pentium processors can beat all but the 
most expensive workstations at their own game. ❖ 


Name.Space vs DNS 

David Purdue 

On the 12th of November an Article entitled "Yes, 
we can all win the Internet Name Game" appeared 
on the front page of The Australian's Computers & 
High Technology Section. 

The article lauded the achievements of one Paul 
Garrin, who has set up "Name.Space", an 
alternative implementation of the Internet Domain 
Name Service. 

The Domain Name Service (DNS) is the 
mechanism used by the Internet to translate easy to 
remember names (e.g. www.auug.org.au) into hard 
to remember IP addresses (e.g. 203.10.76.35). 

DNS functions as a distributed database, organised 
in a hierarchical fashion. At the top of the DNS 
hierarchy there are designated root servers. (In 
computing, roots are always at the top.) These root 
server delegate responsibility for top level 
domains (such as .com or .edu or .au) to other 
servers, and they in turn delegate responsibility for 
lower level domains to other servers. 

Recently the DNS system has received some 
criticism, for two main reasons. 

One is that it is getting increasingly difficult to 
register the name you want, especially in the .com 
or .com.au domains. 

The other is that the government agencies and 
volunteers who used to administrate the top level 
domains have passed this responsibility over to 
private companies, who are charging for the 
maintenance of domain names. 

Unless you an administrator at an ISP or the owner 
of one of these domain names the whole process is 
probably invisible to you. 
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What Mr Garrin has done is set up a new and 
separate Domain Name Service. This is easy 
enough to do - all you need is your own set of root 
level servers and enough people willing to 
recognise their authority to delegate parts of the 
DNS name space. 

The Australian article claimed that this was a 
good thing, because Name.Space charge less for 
domain registration, and because they have 
replaced the boring InterNIC top level domains 
(like .com, .edu and .au) with racier and jucier ones 
like .zone, .cafe and .sex. 

Mr Garrin encourages others to set up similar DNS 
name spaces in the spirit of competition and free 
enterprise. 

I, however, would argue that a plethora of 
competing Domain Name Services is a bad thing - 
and my argument is based on the overriding 
principles of the Internet and indeed the principles 
of AUUG. 

The Internet works only because those who connect 
to it agree to communicate with each other using a 
standard, well defined and published set of 
communication protocols, usually referred to as 
TCP/IP, and defined in the Internet RFC's. 

AUUG is interested in and promotes the Internet 
because it is based on open standards. 

One of the things we agree upon when we 
communicate is how to translate domain names into 
IP addresses. The Internet RFC’s say that the 
authority to determine domain names lies 
ultimately with the Internet Assigned Numbers 
Authority (IANA). 

Just as it is IANA's responsibility to ensure that 
every machine on the Internet is allocated a unique 
IP address, it is also ultimately their 
responsibility to ensure there are no clashes in the 
name space. 

However if people go around setting up their own 
DNS systems, then this is impossible to enforce. 
The independent DNS's can only exist if users 
ignore IANA's authority to delegate domain 
names. 

There are two ways competing DNS systems could 
operate - they could either be totally separate or. 
they could exchange information about each other's 
name spaces. 


If they are separate, then it could become nearly 
impossible to send e-mail. To receive e-mail you 
would need an address in each name space, so that 
my InterNIC address would be 
davidp@auug.org.au, my Name.Space address 
would be davidp@auug.user.group, while in Joe's 
Discount Names I am known as 
davidp@blah.cough.splutter (Joe's names aren't 
very good, which is why they are cheap). You 
don't know which name space the sender will be 
using to send you mail, and it is not always easy to 
change name spaces mid-stream. My business card 
will have to be a foot long! 

If all the DNS’s do exchange information, then it 
just shifts one of the problems with the existing 
DNS up a level. Instead of slugging it out for your 
favourite domain in .com, you will slug it out at the 
root level. 

Remember that while you can register whatever 
name you like in Name.Space, your name will only 
be seen by those who agree to use Name.Space's 
root DNS servers rather than those designated by 
the IANA. 

I do not claim that the current DNS system is 
perfect. It is experiencing problems that have been 
brought on by the changing nature of the Internet, 
and it will be some time before the Internet 
community can come to an agreement on the best 
way to solve these problems. 

However I do not believe that setting up a plethora 
of competing domain name systems, however "free 
market" and "competitive" that may be, is the 
solution to the Internet's naming woes. ♦> 
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New Products 

SOFTWARE INTELLIGENCE 

Contact: Julie Smyth 
Tel: (03) 9431 0133 
Fax: (03) 9431 2045 
Email: julie @ si. com. a u 

Software Intelligence is a leading Australian 
provider of enterprise-wide information security 
solutions for client/server computing environments. 
The OmniGuard suite of software products enables 
organisations to centrally manage information 
security policy across a wide variety of 
client/server platforms. In addition, OmniGuard 
provides enhanced data confidentiality, access 
control, user administration, and intrusion detection 
for PC,s, PC-LANs, UNIX, Windows NT, and mid¬ 
range systems. 

For further details on any of the OmniGuard 
products, contact Software Intelligence by email at 
security@si.com.au or visit our Web Site at 
http://www.si.com.au. ❖ 

OMNIGUARD: 

INTRUDER ALERTREAL-TIME 
MONITORING AND INTRUSION 
DETECTION 

Now Available for Windows NT 

Software Intelligence today announced the 
availability of AXENT Technologies, 
OmniGuard/Intruder Alert (ITA) version 2.3 for 
Windows NT. This release of ITA gives users the 
ability to monitor security-related events across 
UNIX, NetWare, and Windows NT and correlate 
those events to detect intruders, suspicious activity, 
or unauthorised uses of computing resources. ITA 
version 2.3 runs on Novell NetWare versions 3.x 
and 4.x, including NDS, Windows NT versions 3.51 
and 4.0 platforms and most major UNIX operating 
systems including HP-UX, AIX, Digital UNIX, 
Solaris, SunOS, IRIX on Silicon Graphics, and NCR 
MPRAS. Also included in this release is a 
Windows-based GUI that runs on Windows 3.1, 
Windows 95 and Windows NT. 

Today, most IT organisations have lots of audit 
logs, the problem is they don,t have enough people 
to review those logs. In addition, because these 
logs are produced by multiple servers running 


multiple operating systems, it is difficult to 
correlate audit events across different platforms. 
Even if suspicious activity is discovered in the 
audit logs, it is often too late to do anything about 
it,%o said Pete Privateer, AXENT,s senior vice 
president of product operations. AXENT is very 
excited about this release of ITA because it will 
enable security managers to easily detect and 
automatically respond to unauthorised activity in 
a multi-platform LAN environment. 

As more and more corporations connect their 
networks to the Internet, the opportunity for 
internal abuse and external intrusions is increasing 
dramatically. In a recent US Department of 
Defense penetration test, attacks were mounted on 
9,000 systems. Of those 9,000 attacks, 7,900 were 
successful and only 320 were detected. Of the 320 
that were detected, only 15 systems responded to 
the attack. While Internet firewalls provide a 
perimeter defense against external intruders, 
firewalls are far from foolproof and, if the 
perimeter defense is breached, the internal systems 
behind the firewall are vulnerable. ITA adds 
another layer of defense that can detect suspicious 
activity and stop intruders before they can gain 
access to the internal systems. 

Not all threats are from external sources. A recent 
study by the American Society for Industrial 
Security indicates that most security incidents are 
the result of abuse by insiders. Unfortunately, in 
today,s distributed computing environment it is 
quite possible for authorised users to do 
unauthorised things. ITA monitors all UNIX, 
NetWare, and Windows NT servers in the network 
for abuse and unauthorised activity. If abuse is 
detected, ITA can take automated actions including 
alerting the security administrator through the 
ITA console or by electronic mail or pager. ITA can 
take additional actions such as disable the user,s 
account, stop a program from running, block access to 
a system, or a wide range of other operations. 

OmniGuard/ITA,s intrusion detection capability 
enables users to watch for real-time patterns of 
abuse across their entire enterprise via a powerful, 
rule-based engine that analyses a wide variety of 
data streams in each operating system as well as 
application audit trails, noted Robert Parker, 
product manager for Intruder Alert. ITA is designed 
to recognise internal or external threats to your 
network based on attack signatures known as 
policies. These policies can be constructed to 
monitor not only external attacks and probes, but 
can also be configured to watch for unauthorised 
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activity patterns, which are a bigger threat to a 
network. ❖ 

OMNIGUARD: 

UNIX PRIVILEGE MANAGER 

A new software product that provides control and 
partitioning of root privilege on UNIX systems 

Software Intelligence announces the availability 
of OmniGuard/UNIX Privilege Manager (UPM), 
from AXENT Technologies, Inc. UPM will be the 
newest addition to the OmniGuard suite of 
enterprise security solutions. UPM will enable 
systems managers to regain control of root privilege 
on their UNIX systems. The new product is 
available for most major UNIX operating systems, 
including HP-UX, Sun Solaris, IBM AIX, Digital 
UNIX, and Silicon Graphics, IRIX. 

Technical Specifications 

UPM solves a serious UNIX security problem which 
is caused when too many users are given privileged 
root access in order to perform routine job functions. 
When the root password is granted to a user for 
such routine activities as starting and stopping 
print queues or running backup jobs, that same user 
can have access to any file on the system, including 
sensitive salary, financial, or operational 
information. A user with root privilege can 
manipulate any system data area, set up 
unauthorized user accounts, or even take over 
operational control of the entire system. To reduce 
this security risk, UNIX shops must hire 
additional expensive UNIX systems 
administrators to perform routine operational 
activities. 

OmniGuard/UNIX Privilege Manager (UPM) 
offers a way to address this problem with minimum 
impact on end users and UNIX systems 
administrators, without modifications to the 
UNIX operating system. With UPM, 
administrators can grant users the ability to run 
programs or commands that ordinarily require root 
access without giving the user full root privileges. 
Furthermore, the ability to run these commands can 
be restricted by machine, by location, and even by 
time of day. 

’’With UPM, we can now provide a UNIX systems 
manager with the ability to control authority and 
privilege levels at an acceptable cost, and with the 
critical auditability needed in a production 
environment", remarked James R. Bowerman, vice 


president and general manager of the resource 
management business unit at AXENT. 

In addition to root partitioning and control, UPM 
gives administrators the ability to audit who is 
running privileged UNIX commands. This ensures 
that the users who have the authority to affect 
system operations are using their authority in 
accordance with corporate goals and policies. 
Other users are prevented from taking actions 
which might disrupt the production systems or 
accessing sensitive data. 

UPM works without requiring modification to the 
underlying operating system, which eliminates the 
reliability and support problems inherent in 
competing products that modify the UNIX kernel 
or replace native UNIX file access controls. 

UPM supports OmniGuard,s manager/agent 
architecture. UPM allows UNIX administrators to 
define privilege policy on one or more centrally 
located managers and ensure that this policy is 
enforced at multiple agent nodes. Multiple 
managers provide the ability to provide 
redundancy for high reliability, or alternatively 
allow partitioning of the network so that 
authority can be effectively delegated at the 
departmental level. 

UPM is integrated with other OmniGuard modules 
including OmniGuard/Enterprise Access Control® 
for UNIX and OmniGuard/Intruder Alert® for 
UNIX. Using Intruder Alert, unauthorized actions 
can be detected and prevented. Enterprise Access 
Control for UNIX facilitates UNIX user 
administration and allows user profile information 
to be accessed by UPM for authentication purposes. 

General Availability 

UPM is scheduled for general commercial 
availability on October 31, 1996, and is available 
directly from Software Intelligence. 


Volume 17, Numbers 5 and 6 


23 




Book Reviews 

Sub-editor: Frank Crawford 

Well, the Internet, the World-Wide-Web and Java 
are certainly big in the computing industry, as can 
be seen by the assortment of books we have this 
issue. We have reviews of books which range from 
how to program in Java, to how to create Java 
applets, onto VRML, and finally onto networks, the 
Internet and Firewalls. For those who don’t care 
about the Internet, there is also a review of a book 
on LaTeX, a text formatting package. 

I have to thank Danny Yee, who has offered a few 
of his reviews, without any coaxing. He has no 
connection with any of the publishers, but does 
reviews of a number of books, for everyones benefits. 
His reviews can be read on the web from 
http://www.anatomy.su.oz.au/danny/book- 
re views/. 

As many of you have noticed, we currently have 
lots of books coming for review. The current 
practice is to post a note to the mailing list <auug- 
books@ansto.gov.au> and the newsgroup 
aus.org.auug when we have new books available. 
Unfortunately, this disadvantages members 
without network connections, or on the end of a low 
speed link. For people in such a position, either 
mail, via the AUUG PO Box, or fax me on (02) 9717 
9273, with your contact details and preferences. ♦> 



java in a Nutshell 

by David Flanagan 
O'Reilly and Associates 
1996, 438 pages, $29.95 
ISBN 1-56592-183-6 

Reviewed by 
Peter Gray 

information Technology Services 
University of Wollongong 
<pdg @ uow.edu.au> 

This book describes itself as a desktop reference for 
Java programmers. People thinking of buying this 
book should bear that in mind. This is a not a book 
aimed at teaching you the Java language. 

The book is divided into five sections. The first is 
titled "Introducing Java" and gives an introduction 
to the language aimed at 

the C or C++ programmer. This section only 
occupies about 80 pages and goes through a 
description of the language at a rapid pace. 
Although terse, the information presented is well 
laid out and quite easy to follow for people in the 
target audience. 

Part 2 is entitled "Programming with the Java 
API" and introduces the reader to most of the 
packages needed to write Java applets. Topics 
covered include applets, GUI building, I/O, 
networking animation, and threads. The section is 
also around 80 pages in length. It includes large 
amounts of code as examples. 

Part 3 is the "Java Language Reference". Here we 
find detailed information about the Java syntax 
presented in a straightforward and relatively 
compact manner. This section also includes a rather 
brief descriptions of events font and colour 
handling, and applet parameters. There is also a 
short but quite good summary of Java security 
features. The last few chapters in this section cover 
Java related HTML syntax and the Java 
Development Kit (version 1.0). 

Part 4 is the Java API quick reference organised on a 
package by package basis. This reviewer did have 
one major complaint with this section. The 
description of the objects found in the JDK packages 
often lacked the detail needed for serious 
programming. It is no replacement for the JDK 
documentation. This may have been a deliberate 
choice on the part of the author to restrict the size 
of the book. It is easy to imagine a future series of 
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Java books with a complete volume devoted to each 
of the standard Java packages. 

The final section of the book is a series of indexes. 
Some examples of the indexes provided are; a 
"class to package" index, a "method to class" 
index, an "implemented by" index for interfaces, 
and a "thrown by" index for exceptions. There are 7 
indexes in all totaling 28 highly useful pages. 

"Java in a NutShell" is based on version 1.0 of the 
Java API. The reader should be aware that 
subsequent releases of the API have contained 
minor changes from version 1.0 

All in all this reviewer would say the book lives 
up to its promise of being a useful desktop reference. 


Active java: Object-Oriented 
Programming for the world 
wide web 

by Adam Freeman and Darrel Ince 
Addison-Wesley 
1996, 235 pages, US$25.95 
ISBN 0-201-40370-6 

and 

EXPLORING JAVA 

by Patrick Niemeyer and Joshua Peck 
O’Reilly & Associates 
1996, 407 pages 
ISBN 1-56592-184-4 

Reviewed by 
Danny Yee 

<danny@ cs.su. oz.au> 

Somewhat bemused by the marketing frenzy and in 
no particular hurry to learn yet another 
programming language, I have refrained from 
asking for review copies of any books on Java. But a 
number turned up on my doorstep anyway and I 
found it hard to resist finding out what all the fuss 
was about. 

The first book to arrive, and the only one I read 
right through, was Active Java. This is an 
introduction to Java aimed at those with basic 
programming competence but no experience with an 
object-oriented language. It works its way through 
the basics of the language, explains how to use the 


awt and net libraries, then introduces the Java 
Development Kit and the basics of writing applets 
and applications. It concludes with a chapter on 
Java internals. The stress is on covering all the 
important ideas and concepts rather than on 
providing details. Active Java is an easily 
followed and clearly laid out volume which I 
recommend for anyone wanting a broad overview of 
Java: I think it would also make a good textbook for 
an undergraduate course, though it lacks exercises 
and is perhaps not repetitive enough. 

As a supplement to Active Java and a source of more 
detailed information, I used Exploring Java. This 
begins with a brief look at internals and security 
issues and then launches straight into a basic 
"Hello Web!" applet. It contains detailed 
descriptions of the basic classes and standard 
libraries and is clearly aimed at experienced 
programmers who want to learn Java in order to 
write serious applications. 

I have only glanced at the three other books on 
Java that turned up: Java in a Nutshell (O'Reilly) 
looks like a reference for the serious Java 
programmer; On To Java (Addison-Wesley) is a 
textbook with an unusual layout, using 
points/paragraphs numbered sequentially 
throughout; and Learn Java on the Macintosh 
(Addison-Wesley) comes with a Mac version of the 
Java Development Kit on CDROM. But anyone 
after a book on Java should look around carefully: 
as even this small sample illustrates, there are 
books on Java for all sorts of niche markets. I 
wouldn't be at all surprised to see titles like From 
Common Lisp to Java for Amiga Users and 101 
Implementations of Tetris in Java appearing! ♦> 

Creating Cool web Applets with 
Java 

by Paul J. Perry 

IDG Books Worldwide, Inc. 

1996, 360 pages + CD-ROM 
ISBN 1-56884-881-1 

Reviewed by 
Lawrie Brown 

<Lawrie. Brown @adfa. oz. au> 

This is another contribution to the ever growing 
pile of books jumping on the Java bandwagon. It 
does however have a more specific focus, namely 
introducing with the aid of many examples how to 
write some simple but useful Java applets for use in 
web pages, particularly by using existing objects 
and classes. Consequently, I think it is more 
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successful as a result. Although the book claims the 
only background needed is a familiarity with using 
DOS and Windows, I think you'd be struggling 
without some background in procedural 
programming languages, especially in C. The main 
focus of the book is a series of chapters illustrating 
by example how Java applets can be used for 
certain tasks. 

In more detail the books contents are as follows: 

Ch 1 is a brief introduction to the Internet, the 
Web, and to Java. 

Ch 2 discusses how to use the Netscape Navigator 
web browser in particular. 

Ch 3 provides a brief overview of the basic HTML 
constructs used to construct static web pages. Then it 
moves on to the main focus. 

Ch 4 introduces Java, the concept of OO 
programming, all the basic language constructs, and 
the use of the Java Developers Kit (JDK). The book 
skates very quickly over the fundamental language 
constructs in this chapter, which would pose no 
problems for a competent programmer, but may 
cause difficulties otherwise. 

Next come a series of chapters of applets by 
examples. 

Ch 5 discusses how text and graphics can be 
displayed, in different fonts and colors, and the 
various graphic primitives. 

Ch 6 looks at incorporating images and animations. 
The latter using a sequential display of a set of 
graphic images, via the Animator class (which is 
distributed as part of the JDK). 

Ch 7 describes how sound clips can be loaded from 
AU files and played by applets, including a 
random play example. 

Ch 8 discusses handling input events from the 
keyboard and mouse, including a very simple paint 
applet. 

Ch 9 briefly documents all the demo classes 
provided with the JDK, which can be used as 
supplied, in web pages. It describes them, and 
itemises the parameters to each. 

Ch 10 looks at network communications, at loading 
a new URL, accessing a file on the server, and 
briefly mentions the existence of sockets. It also 


discusses the use of exceptions and exception 
handlers. 

Ch 11 describes the AWT GUI toolkit which is 
currently provided for Java applets. It describes 
the types of controls available, briefly discusses 
the various geometry managers used to layout the 
controls, how controls are added, how events 
generated by them are handled, and how the 
browser status line can be modified. 

Finally Ch 12 continues the development of user 
interfaces by discussing how to create separate 
windows, dialog boxes, and menu bars. 

The book ends with several reference appendices. 

The book comes with an associated CDROM. This 
contains the source for all the examples in the book, 
as well as a copy of the JDK for Win95 or WinNT, 
and a copy of an issue of the JavaWorld magazine. 
The files on the CDROM use standard 8.3 DOS 
names, however batch files are provided to expand 
them to the long names actually used. A major flaw 
is the fact that the expanded long names are all 
lowercase when the the HTML and Java source 
files assume mixed case names. Consequently on a 
case-sensitive file system such as Unix, nothing 
worked when first unpacked. Particularly when 
the author actually warned about the need for care 
with filenames several times in the text, this was 
quite annoying. Its a times like these that the 
underlying PC focus becomes apparent, though the 
vast majority of the book would be applicable on 
most platforms. 

The major strength of this book are its numerous 
examples illustrating the techniques being 
discussed. Mostly these relate well to the 
associated chapter content. I would have liked to 
have seen some suggested exercises though, to 
encourage the reader to try some of the techniques 
out. As it is, you're left very much on your own in 
deciding what to try, and where to go next. 

In conclusion, I think this book make a reasonable 
attempt at satisfying its goal, illustrating by 
example how to use Java to enhance web pages. It is 
certainly not a comprehensive reference, and I 
think you do need some programming background to 
make the most of it, but its worth considering if 
your interest is primarily in writing simple applets 
for your web pages. ❖ 
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VRML: BROWSING AND BUILDING 
Cyberspace 

by Mark Pesce 
New Riders Publishing 
1995, 424 Pages 
ISBN 1-56205-498-8 

Reviewed by 
Kirk Barrett 

BHP information Technology 
<barrett.kirk.kh @bhp.com.au> 

I offered to review this book as someone who has 
been working with Web technology for a couple of 
years but had very little background in VRML 
(pronounced 'vermal'). In fact until I began reading 
the book I had not even browsed a VRML world. 

The book was written by one of the founders of the 
VRML language, Mark Pesce, and contains a 
wealth of information for those wishing to get 
started in Virtual reality on the web or Cyberspace 
as it has become known. The "Road Map to VRML" 
at the start of the book indicates that the target 
audience is anyone "from the novice Web user to an 
accomplished programmer". To facilitate this 
Mark Pesce has suggested three possible paths 
through the book, the 'novice' path, the 'hackers' 
path and the 'designers’ path. The 'novice' path is 
aimed at the reader who is not familiar with the 
web or VRML a includes the chapters that cover an 
introduction to the web, VRML browsers, VRML 
tools. It provides a good introduction for those 
readers that want to get up and running quickly but 
to be honest it wouldn't be worth buying the book it 
this was all you were interested in. 

The 'hackers' path is aimed at the reader with 
experience with the web and a knowledge of 3d 
graphics and who is interested in getting into 
cutting VRML code as soon as possible. It runs 
through the chapters that comprise the books 
VRML Primer and those that cover important 
technical publishing issues as well as a look at 
impending future developments with VRML. This 
path also covers server scripting for VRML using 
Perl and a high level chapter on how to write a 
VRML browser..The designers path is aimed at 
those readers who are designing their own VRML 
site and includes ail chapter except those in the 
VRML primer and the chapter writing your owner 
VRML browser. As you can imagine this path is 
probably most useful if you are planning a VRML 
site but not going to be getting your hands dirty 
with VRML coding. 


The book is divided into five parts each containing 
a number of chapters. 

Chapters 1 to 4 make up Part 1 which is titled 
"Colonizing Cyberspace". Chapters 1 and 2 provide 
an overview and background of the development of 
electronic communications and the Web as well as a 
brief history of VRML. Chapter 3 gives a short 
description of how VRML works and how it fits 
into the Web. Chapter 4 covers Web browsers with 
detailed examples based on demonstration copies of 
browsers provided on the book's companion CD. 
Ample screen snapshots are provided but the b/w 
pictures are very dark and fail to assist the reader 
in any great way. I felt greater benefit was gained 
by reading this chapter while using the browsers. 

Chapters 5 through 8 make up Part 2 entitled "The 
Complete VRML Primer". Chapter 5 contains a 3d 
graphics primer written for the novice reader or one 
who wished to refresh their knowledge on this 
topic. There is little technical detail but it does 
provide an easy to read introduction to "the basic 
components of three-dimensional graphics and how 
we use a computer to create realistic images.". 
Chapters 6,7 and 8 provide a complete primer on 
VRML 1.0 at the end of which you should be able to 
develop your own VRML worlds. An example is 
built up through these chapters that starts with a 
simple yellow sphere and ends with a complete 
heliocentric clock that enables you to view in 3d 
the position of the Sun, Earth and Moon at any 
point in time. The complete code for this including 
Perl scripts is included on the companion CD. 

Part 3 only contains a single chapter covering 
VRML style guidelines and a couple of the VRML 
world building tools included on the companion CD. 
A walkthrough of the VRML building tools is 
provided enabling the reader to build a simple 3d 
room with windows and a door, play with texture 
mapping and create hyperlinks from 3d objects 
other VRML worlds or web pages. 

Chapters 10 through to 13 make up Part 4 entitled 
"The Road to Know Where". Chapter 10 covers 
VRML optimization an publishing issues like level 
of detail and inline inclusion of VRML objects from 
other servers. Chapter 11 provides a high level 
description of what is required to write a VRML 
browser. Chapter 12 details the thoughts of the 
author and three other major players in the VRML 
arena on style and design issues for cyberspace. This 
chapter made for a very interesting read and many 
of the concepts covered also have direct 
application in the design of Web sites. Chapter 13 
wraps up the book with a look into the future for 


Volume 17, Numbers 5 and 6 


27 




AUUG BOOK CLUB 

& 

PRENTICE HALL AUSTRALIA 


20% DISCOUNT TO AUUG MEMBERS 

Please send me a copy/copies of the following book — 


Special Edition Using SAP/R 3 
ISBN 078970689X Cloth 

Behavioral Synthesis: Digital System Design 
ISBN 0135692520 Cloth 


Perl 5 Interactive Course 
ISBN 1571690646 


Book with CD 


$8995 


$9995 


The Best of AIXtra: An Eclectic UNIX Anthology 
ISBN 0134944445 Paper 

Upgrading & Repairing Pcs 6th Edition 
ISBN 0789710536 Cloth 

Building a Data Warehouse for Decision Support 
ISBN 0135906628 Cloth 

Linux Companion 

ISBN 0132318385 Paper 

ISDN Consultant 

ISBN 0132590522 Paper 


$5995 


$3995 


$5 995 


$79.95 


$71.95 


$79.95 


$65.95 


$95.95 


$47.95 


$31.95 


$47.95 


Name:_ 

Company:. 
Address: 


PLEASE SEND MY 
BOOK/S ON 
30-DAY APPROVAL 


Expiry Date: 
Signature:_ 


Java Developers Resource 

ISBN 0135707897 Paper $54:95 $43.95 

AUUG members receive 20% discount below recommended retail price 
Please send me the selected book/s on 30-Day approval 


Position:_ 


_ T elephone: ___ 

| | Enclosed cheque for $_(Payable to'Prentice Hall Australia 7 ) 

| | Charge to me OR Q Company purchase Order No._ 

Please charge my: Bankcard Visa MasterCard | | AMEX 

Credit Card No: I I I I I I I I I I I I I I I Mil] 


Mail or fax completed order form to Prentice Hall Australia, 
PO Box 151, Brookvale NSW 2100 


| | Please add my name to your mailing list in the 

following areas: (please list subject areas) 



OR Use our PHONE SERVICE by calling 
Jan Blenkinsop SYDNEY (02) 9907 5693 

PRENTICE HALL AUSTRALIA 

7 Grosvenor Place, Brookvale NSW 2100 

Tel: (02) 9939 1333 • Fax: (02) 9905 7934 a.c.n.ooo383 406 












VRML talking about immediate enhancements that 
were planned at the time the book was published 
as well as many long term plans from VRML 2.0. 
Around mid August this year it was announce that 
the basic standard for VRML 2.0 was agreed to at 
SIGGRAPH'96 with some of the sticking points 
like 3d Avatars left to be resolved separately. 

The 3 appendices at the end of the book contain a 
complete specification for VRML 1.0, an extremely 
useful list of VRML resources and a full description 
of the contents of the companion CD that comes 
with the book. 

Overall the book was interesting and easy to read. 
I did not follow any of the suggested reading paths 
electing instead to read through it sequentially. By 
the end of the book I was able to fairly easily put 
together a simple world containing a giant 3d 
version of my business card, a transparent GIF 
image texture mapped onto a sphere hyperlinked 
to my personal home page and some 3d text floating 
at various places. One point to note thought is that 
with the recent release of the VRML 2.0 standard I 
would expect that an updated version of this book 
will be re-released in the near future. ♦> 

A guide to latex 2e: 
document preparation for 

BEGINNERS AND ADVANCED USERS 

by Helmut Kopka and Patrick W Daly, 

Addison-Wesley 
1995, 554 pages, $49.95 
ISDN 0-201-42777-x 

Reviewed by 
Jagoda Crawford 

Australian Nuclear Science and Technology Organization 
<jc @ ansto.gov.au> 

This guide is based on Helmut Kopka's German 
book on LaTeX, and according to the preface was 
inspired by the number of requests for an English 
translation. This second edition presents both the 
classical version (designated 2.09) and the now 
official standard, named LaTeX 2e. 

For those who are not familiar with TeX, it is a 
text formatting package (similar in concept to troff) 
designed by Donald E Knuth for the formatting of 
scientific and technical documents/books. LaTeX is 
a macro package designed for use with TeX. It has 
been widely accepted in the scientific community,, 
with many scientific journals and conferences now 


requesting that contributions be submitted in LaTeX 
format. 

The book is purely aimed at the users of LaTeX, and 
requires little experience with computers. It does 
not cover in any depth the installation and 
configuration. For those interested in installation 
the O’Reilly book. Making TeX Work , by Norman 
Walsh, is a good reference. Kopka and Daly 
explain the basic elements of the standard 
distribution of LaTeX, giving examples and 
exercises. 

The authors start by giving an overview of text 
formatting and TeX, then on to LaTeX and finally 
leading to LaTeX2e. After presenting such things as 
environments and special characters, document 
layout is presented. It describes how to set up the 
page style and the various parts of the document 
e.g. title page, abstract, various sections, 
appendices, table of contents etc. This, I found a 
very useful section as it sets the scene for document 
formatting. 

The introductory section is then followed by a 
chapter on the different ways of displaying text, 
covering such topics as changing fonts and font 
sizes, underlining, centering, indenting, lists, 
tables, boxes etc. A chapter on each of the 
following is also provided: 

- formatting of mathematical formulas, 

- pictures, building blocks from which pictures are 
constructed, text, straight lines of various 
inclinations, arrows, circles and ovals, 

- defining user commands, 

- advanced features - subjects included here are the 
splitting of a document into several files, selective 
processing of parts of a document, cross-references to 
sections, figures and equations, automated 
production of bibliographies, indices and 
glossaries, handling different sets of fonts and 
preparing presentation materials (slides). 

- basic structure of error messages, some sample 
errors and a list of error messages with a 
description of possible causes and solutions. 

A number of appendices are also included covering 
such subjects as the formatting of correspondence, 
creating bibliographic databases and using them in 
documents, programming LaTeX extensions and a 
list of commands. 
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The material covered by the book is well presented 
and I believe that this book is a must for newcomers 
to LaTeX as well as for use by more experienced 
users. It provides a thorough listing of all the basic 
concepts and reference for key ideas. ♦> 

ZEN AND THE ART OF THE INTERNET 
(4TH ED). 

by Brendan P. Kehoe 
Prentice Hall 
1996, 255 pages 
ISBN 0-13-452914-6 

Reviewed by 
Jon Wright 

Guru Software Services 
<job @ UNS. com.au> 

Zen and the Art of the Internet is a relatively well 
known book. It is often referenced in on-line 
conversations, particularly in Usenet news groups. 
Having heard so often about it's wonderful 
qualities and also being somewhat interested in the 
strange concept of combining Zen and the Internet, 
made the chance to review this book almost 
irresistible. Unfortunately, as often happens in 
life, the actual book was initially a big 
disappointment. Apart from the mention of the fact 
that the author was inspired by two books: Zen and 
the art of Motorcycle Maintenance & Zen and the 
Art of Archery , and a brief definition of Zen on 
page 229, there appears to be no particularly good 
reason for even having the word Zen in the title. To 
make things worse, trying to use the index for cross- 
reference purposes was almost impossible (some of 
the page numbers are wrong). 

At this stage, the book was almost returned 
unreviewed until the idea of fairness began to 
surface. The book had been disappointing because 
of expectations built up over a long period of time. 
It would be more appropriate to try and view the 
book as if it was totally unknown. From this 
perspective, Zen and the Art of the Internet is yet 
another internet introduction. The difference 
probably comes from the easy flowing style and 
succinct coverage of the major topics. The book 
quickly introduces the major subsections of the net, 
(mail, ftp, news, www) and then covers the various 
tools and commercial providers before moving on to 
the most interesting chapter which provides 
background information for newcomers to the net 
(e.g. the internet coke machine, the worm, etc.). 
The book is then completed with a series of specific 
indexes, including one on creating home pages. 
Naturally the commercial provider section is US¬ 


centric like most books published in the US, to 
replace this section try another book like 
Ozlnternet (Goodheart & Crawford). 

After this section read of the book, the reason for 
Zen in the title began to appear. Zen Buddhists 
believe that enlightenment can arise from intuition 
rather than from the study of scripture or history. 
In the same way, this book is trying to provide 
make the internet more intuitive for newcomers. 

The final question is how this book stacks up 
against the competition? Basically the only other 
comprehensive quality introduction that covers 
similar ground is probably the O'Reilly Whole 
Internet Guide. Zen is probably an easier 
introduction and it is also a lot easier to carry 
around. That means it is probably the best 
background internet book for newcomers. ❖ 

COMPUTER NETWORKS: 

A Systems Approach 

by Larry L. Peterson and Bruce S. Davie 
Morgan Kaufmann 
1996, 552 pages, US$69.95 
ISBN 1-55860-368-9 

Reviewed by 
Danny Yee 

<danny @ cs.su. oz. a u> 

In many ways Computer Networks: A Systems 
Approach contains just what one would expect to 
find in a serious introduction to networking. 
Peterson and Davie begin with a quick introduction 
to basic networking concepts, then look at abstract 
protocol implementation in the context of the x- 
kernel system (fragments of code from which are 
used throughout to illustrate implementation 
issues). They very broadly follow the standard 
network layers upwards, with chapters on host and 
link issues (ethernets and token-rings, encoding, 
framing, and error detection); on packet switching 
and routing; on bridges, internetworking, IP and 
IPv6, DNS, and multicast; on end-to-end protocols 
(UDP, TCP, RPC, and performance issues); and on 
end-to-end data (presentation, encryption, 
compression). Chapters on congestion control 
(especially in TCP implementations) and high¬ 
speed networking (including real-time services and 
quality of service guarantees) complete the volume. 

Each chapter begins by describing one central 
problem that motivates it, and ends with a 
discussion of an "open question" — the relationship 
between IP and ATM, for example, or the balance 
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between handling congestion control inside and 
outside networks. The effect is to convey a feel for 
networking as a dynamic and evolving field. Side 
boxes contain digressions, a device which works 
quite well here. 

It's hard to put my finger on exactly what sets 
Peterson and Davie's offering apart from the many 
other introductions to networking available. The 
depth of their coverage, certainly, and also their 
good coverage of implementation and architecture 
issues. But the key to their success is what they 
call a "systems approach", a concentration on first 
principles and basic building blocks and concepts. 
So there are no lengthy descriptions of protocols for 
their own sake ~ they are used instead to illustrate 
fundamental ideas. (Protocols are, after all, 
merely solutions to problems.) If the focus is very 
much on the Internet and internet protocols, that is 
because they are the only systems which address 
some problems. 

A Systems Approach really does manage to 
highlight the most important ideas. It is also an 
attractive and clearly laid out volume and, despite 
the price, one which is good value for money. It is 
easily the best general networking textbook I have 
seen. Though it may daunt weaker students, it 
would be suitable as a text for higher 
undergraduate courses; it is the first book I would 
recommend to computing professionals approaching 
networking for the first time or seeking to refresh 
their knowledge of the field. ♦> 

INTERNET FIREWALLS 
AND NETWORK SECURITY 

by Karanjit Siyan and Chris Hare 
New Riders Publishing 
1995, 410 pages. 

ISBN 1-56205-437-6 

Reviewed by 
Craig Macbhde 
<craig @ rmit. edu.au> 

I'm glad to say that this was one of the most 
readable technical books I've encountered in quite 
some time. Many books on highly technical matters 
fall into several traps, particularly of not 
providing background information or of not 
providing good examples. Too often, reference 
works provide examples for only one Unix variant, 
leaving users of other variants wondering. Internet 
Firewalls and Network Security provides copious 
background material and the examples are aimed 
broadly at Sys V or BSD machines with specific 


notes on SunOS and SCO Unix at various points. 
From there, it should be possible for network 
administrators to make sense of this book in most 
Unix environments. 

The book starts with a detailed section on TCP/IP, 
particularly the parts relevant to low-level setup 
and security, subnets, .rhosts files, the daemons and 
so on. Next it goes into the Unix security side as it 
related to networking, the meanings of the US 
"Orange Book" levels, password controls, NFS, 
encryption and Kerberos. The background section 
ends with an in-depth discussion of network 
security planning and policies and includes 
reference to worthwhile news groups and mailing 
lists on Usenet. 

The second part is where it gets interesting, 
starting by covering screening routers and packet 
filtering. The authors cover in some detail how to 
work out packet filtering rules for your security 
requirements, the problems involved with packet 
filtering with FTP, and some case-study examples 
for different filter setups. Cisco routers are covered 
in particular, as regards the syntax for setting up 
filter rules. 

They go on to cover firewall architecture and 
implementation, using TCP Wrapper, FireWall-1 
for Suns, ANS Interlock for Suns and IBM AIX 
machines, TIS Gauntlet which runs on a specially 
modified BSD Unix kernel on an Intel box, and 
finally the free TIS Firewall Toolkit. 

One thing that did surprise me was that the figures 
referring to packet dumps use LANalyzer for 
Windows, rather than using a familiar Unix tool, 
such as tcpdump. Given that the whole of the rest 
of the book is devoted to Unix variants, except 
where PC packet filter software is covered, the use 
of an MSDOS machine sitting on the network to 
monitor traffic is a little surprising. 

It also surprised me that some typos had crept into 
diagrams, but the reader who doesn't spot those 
probably shouldn't be trying to set up a firewall 
anyhow. 

If you are looking for information on TCP/IP 
networking and how to make it secure when 
connecting to the outside world, this seems like a 
good reference source. It takes a methodical 
approach to the whole problem, from working out 
your security requirements to implementing them 
with a router doing packet-filtering and/or a 
bastion host. 
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LIONS' COMMENTARY ON UNIX 
6TH EDITION WITH SOURCE CODE 

by John Lions 

Reviewed by 
Lucy Chubb 

My acquaintance with the original orange and red 
(well, it fades to pink) covered books that were the 
version 6 source code and commentary began in 1981 
when I did John Lion's operating systems course. I 
both loved it and had a mild dislike of it — a 
dislike arose because it drove me to work (OK, I'm 
lazy), and love because it opened the world of 
operating systems to me, one that has delighted me 
ever since. Later, while doing a port of version 7 
UNIX (what else!?) and rewriting its memory 
management for a masters degree, I tutored from 
those same books and even had the privilege of 
giving some lectures for John while he was away 
for a number of weeks. During those years my copy 
has suffered from having naive undergraduate 
notes written into it, rubbed out and repeatedly 
replaced by other penciled notes as my 
understanding grew. 

This book contains the two original "Lions' books" 
(the first being a source code listing of UNIX level 
6, complete with the original warning against 
disclosure, and a separate commentary), various 
notes, forwards, and appreciations by Dennis 
Ritchie, Ken Thompson, Micheal Tilson, Peter 
Salus, Mike O'Dell, Greg Rose, Berny Goodheart, 
Peter Collinson, and Peter Reintjes. 

The line numbered source code listing contains the 
kernel routines with the exception of device 
drivers, where only a few example ones are given. 
The commentary includes information about the 
PDP11, which is necessary for understanding some 
parts of the code, and an explanation of the 
different subsystems such as process management 
which which gives an overview but goes down to a 
line by line commentary where appropriate. The 
last chapter gives exercises for those who want to 
think further about the code. 

Ken Thompson and Dennis Ritchie published a 
paper "The Unix Time-Sharing System" in May 
1974 in the Communications of the ACM. After 
fellow lecturer Ken Robinson wrote away to get the 
new operating system, John Lions decided to base 
his Operating Systems course around reading the 
source code. Ln 1977 he completed his commentary to 
accompany it. 


The UNIX source code turned out to be a good choice 
for study; it was both small and elegant and the 
Lions commentary made an excellent companion. 
Michael Tilson writes in his prefatory notes "The 
UNIX operating system kernel code was itself an 
elegant work, and even today it remains worthy of 
study. John added a line-by-line analysis that was 
equally elegant." ... "It is part of our technical 
history, and we can still learn from it today." It 
was so much appreciated by the growing UNIX 
community that they were often photocopied in 
spite of restrictions on their distribution. As Ken 
Thompson says in the forward, "finally — one of 
the most widely distributed underground computer 
science documents is freely available." And Dennis 
Ritchie, "The document reproduced here educated a 
generation. It's notoriously one of the most-copied 
manuscripts of computerdom, and it's good to have 
it in the open record". 

While UNIX has grown massively in size and 
complexity in the intervening years, reading the 
version 6 source code gave me a foundation that is 
still firm. One of the things that I really 
appreciated is that the version 6 source code is 
small enough to be understood as a whole 
(although that takes some work) but at the same 
time is a real operating system that could (and 
was) used for real applications. As chapter one of 
the Commentary says "it is accessible in a way 
that most other systems are not: the amount of 
material which must be mastered in order to gain a 
reasonably deep understanding of the system is not 
impossibly large. By way of comparison, OS/360 
and its successors are far too complex to be 
completely understood by any one individual." 

Whether it's to replace your many generationed 
photocopy or just to find out what it’s all about, 
have a look at this book. The operating systems 
concepts are still valid today, and even the 
skeleton of UNIX version 6 still bears some 
relationship with modern versions. If you wish to 
go further than this, Warren Toomey recently 
posted that SCO has issued free binary licenses for 
this version (in which case this book would be a 
great companion to the binary). Details of how to 
get it and several simulators which can run it can be 
found at http://minnie.cs.adfa.oz.au/PUPS/ 
(where PUPS stands for "PDP Unix Preservation 
Society"). ❖ 
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AUUG News: 

Canberra 

CALL FOR PRESENTATIONS 
AND WORKSHOPS 

John Wright 

john w @ canb.au ug. org. a u 

Canberra AUUG Summer Conference Programme Chair 

AUUG in Canberra is holding its 8th annual 
conference and workshops on the 12th, 13th and 
14th of February 1997. There will be two days of 
workshops, followed by the one day conference. 
The venue will again be the Australian National 
University. 

As well as national speakers, we are looking for 
presentations from local individuals and 
organisations in any area of UNIX, Open Systems 
or Networking. Presenters for half or full day 
workshops on any subject are also welcome 
(workshop presenters receive a modest 
honorarium). 

Any organisations interested in sponsoring the 
conference and/or workshop are most welcome. The 
conference and workshops always attract a good 
attendance, with over 100 people from throughout 
the Canberra region attending the 1996 conference 
and workshops. 

We look forward to hearing from you with your 
ideas for the 1997 conference and workshops. 

For further details, please contact: 

Programme Chair: 

John Wright 
jwright@nla.gov.au 
Workshop Organiser: 

David Baldwin 
David.Baldwin@anu.edu.au 

Some additional notes for AUUG Chapter contacts 
(hopefully to persuade at least one or two of you to 
present a paper and/or workshop)... 

- Workshop presenters receive an ex gratia 
payment of $200 for each half-day workshop they 
present. 


- Those presenting a paper at the conference will 
receive free conference registration (so what's new 

- We will pay for your return airfare to Canberra. 
You'll be billeted with a local AUUG member 
during your stay. 

So what are you waiting for? We're open to ideas, 
so if you have any favourite topic you'd like to talk 
about, or if you have a burning desire to hear a 
paper or workshop presented on a particular 
Unix/Open Systems/Networking issue, get in touch 
with the Canberra AUUG Committee at 
cauug.committee@canb.auug.org.au. 

All suggestions and contributions greatly 
appreciated. ❖ 


AUUG News: 

Darwin 

Malcolm Caldwell 

The Darwin Chapter of AUUG hosted a one-on-one 
debate on the theme A variation of the gun debate: 
"Computers don't kill people, people kill people." 

The protagonists were Dr. Perry Morrison, 
Consultant and former lecturer, and Mr Phil Maker, 
Lecturer in IT at NTU, and a former pacemaker 
software developer for Telectronics. 

Phil lead off with the "yes" case, after a short 
interval of confusion in which moderator, and local 
AUUG president, Alan Cowie assisted all parties 
to work out who was "yes" and who was "no" 
(tricky things debate titles!). 

Phil ran a "straw man" line, first articulating the 
likely opposition logic then demolishing it. 
STRAW MAN: "Software is unreliable... 
Unreliable things kill people... Killing people is 
bad... Therefore never use software in life critical 
situations." MAKER: This is the wrong kind of 
logic. Probability is the correct approach. Phil 
gave an example from his own experience in 
designing software for use in heart defibrillators. If 
the chances of dying without the defibrillator are 
50% then even a 5% improvement using risk prone 
software is worth it. 

Perry, unkindly, took a different, rather 
whimsical, tack...relying for the "no" case on 
examples of what he termed Folk Sense. 
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He put forward three separate "lifelike" 
hypotheticals involving bulldozers, video remote 
controls, lawnmowers, and strawberry jam (or was 
it raspberry?) which illustrated the common sense 
impulse to blame the machines themselves for 
shortcomings. 

The formal debate served its purpose of stimulating 
a floor discussion on his central theme, system 
complexity and the limits it places upon our 
capacity to control system behaviour. This a major 
issue with digital systems because complex systems 
with "an untestable number of system states" can be 
easily built. 

A number of reasonably well known cases were 
briefly discussed; the Airbus and X31 incidents; 
Space Shuttle reliability (It was not Challenger's 
computers which failed, but an O-ring failure). 
Perry raised the issue of possible software errors in 
Blackhawk fly-by-wire helicopters, a logical line 
of discussion after the recent Queensland disaster. 
It was only after the debate whilst researching 
some of his old material that I discovered he has 
been raising concerns about Blackhawks since the 
late 1980's. Very interesting. 

The discussion continued apace at the post debate 
pizza session. Our thanks to the two debaters for a 
spirited and thought provoking evening. 

Phil Maker has placed a special Web page on the 
debate at: 

http://www.cs.ntu.edu.au/staff/pjm/auug- 
debate/homepage.html 

In addition to his own thoughts he has included 
links to other places. Having followed some of 
these links I would recommend the following 
articles on Perry Morisson's work: 

http: / / catless.ncl.ac.uk/Risks/9.15.html#subj4 
You will find here a synopsis of a paper co¬ 
authored by Perry Morrison and Tom Forester 
entitled "Computer Ethics: Cautionary Tales and 
Ethical Dilemmas in Computing". Its publication 
seems to have been something of 'cause celebre' at 
the time. 

http://catless.ncl.ac.uk/Risks/10.40.html 
Included here is a reflection by Perry Morrison on 
the discussion raised by the publication of the 
above paper (and some follow through in the 
popular press). The views of one Phil Maker of the 
NTU are singled out for particular comment; in fact 


they seem to have caused Dr Morrison to modify 
his original tough views. ♦> 


AUUG News: 

NSW Chapter 

Wayne Bell 

wayneb @ Sydney. diaiix 

NSW Chapter has monthly meetings on the third 
thursday of each month upstairs at the Occidental 
Hotel, York St, Wynyard 

The October meeting featured a talk on Unix to non- 
Unix connectivity by Frank Crawford and Ian 
Crackenthorp. The discussion covered a wide range 
of connectivity tools, especially SAMBA and 
netatalk. Frank and Ian talked about their 
experiences with connectivity tools and invited 
comments and discussion from the floor on our 
experiences. 

The November meeting Dr Bruce Howarth, a senior 
lecturer at the University of Technology, Sydney, 
gave an entertaining and informative talk about 
SGML - the Standardised General Markup 
Language. 

The talk was prompted by a comment one company 
manager made to Bruce, "I don't employ computer 
science graduates because they know nothing about 
text." It transpired that by text he meant SGML 
and related ISO standards for document 
presentation. 

Bruce gave an overview of the history of SGML, 
and a feel for the flavour of the tagged text syntax 
used in SGML. He stressed its importantance in 
current computing, mainly because of HTML, which 
is an SGML DTD (Document Type Description). 

Bruce concluded with the question, "Should a course 
on SGML be included in the UTS computer science 
degree?" This sparked a lively debate among the 
attendees (approximately 30 AUUG and SAGE-AU 
members attended). One overriding conclusion was 
that computer science students needed to learn to 
write, but that learning about the structure of 
documents (which is reflected in SGML) could turn 
them in to better writers. 
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Summer Conference 


AUUG NSW will be holding our Summer Technical 
Conference on the 20th and 21st of February, at 
Charles Sturt University, Bathurst 

We will have a day of tutorials on the 20th, and 
the conference proper on Friday the 21st. We hope 
to have an international speaker for the conference. 
AUUG NSW have arranged 32 student rooms, for 
accomodation on a first come first served basis. 
These rooms are cheaper than motel/hotel 
accomodation so book early. 

More information including registration forms will 
be coming to you shortly. 

Contacts 

Wayne Bell 
Chair 

wayneb@sydney.dialix.oz.au 

David Purdue 
Secretary 

David.Purdue@aus.sun.com 

auug nsw comittee 
auug-nsw-exec@auug.org.au 


Images from AUUG '96: 

It's JEOPARDY!! With your host Rob Kalstad, 
and contestants Joan McGilliard, Rolf Jester (Digital) 
and our own David Purdue (AUUG Secretary). 
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Images from the 
Chapter Council 
Meeting 


The Chapter Council Meeting was held in Sydney, 
on Saturday December 6th, 1996. A successful 
meeting, with many ideas and views exchanged 
between the representatives. 

[ Of course, the real story is they were all there 
receiving councelling ..;-) - Ed. ] 




(L to R) Someone's knee, Someone elses knee, the back of a chair, Malcolm Caldwell (NT), Stephen Boucher (AUUG 
Treasurer), Lucy Chubb (AUUG Vice President), Wayne Bell (NSW), Mark White (Qld), Patrick Ko (WA), John Terpstra 
(NSW) 


(L to R) David Purdue (AUUG Exec + NSW), Michael Paddon (AUUG President), Alan Cowie (NT), James Patterson (Tas) 
Enno Davids (Vic) 
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UNIX Tricks & Traps 

Sub-editor: Gunther Feuereisen <gunther@ibm.net> 

Its' been a busy month, having taken over the helm of 
AUUGN, I haven’t had a chance to write any Tricks & Traps 
this time around. Fortunately Peter Turnbull dropped me a note 
with some more ideas about the tar(l) command. 

As it is that time again, and as this is the Christmas issue, I 
thought we might get into the holiday spirit by looking at 
some UNIX Christmas humour. 

ITo all those who dropped me a note - thank you! It’s nice to 
know someone's checking up on me :-) Keep those contributions 
coming in! 

Happy Holidays! ♦> 

[ Last issue we looked at the tar(l) command and useful ways in which it could be used. Here, Peter 
Turnbull highlights some other ways of using the tar(l) command. - Ed ] 

TAR - THE STORY CONTINUES 

Peter Turnbull <petert@daedalus,com.au> 

Using ’rsh', 'rep' and ’tar’ to copy files and directories to remote systems can be an easy one liner. But when 
those remote systems are on a slow WAN (ie: <10MB), the time it takes to copy the files can become more 
critical. Here in order from slowest to fastest are the commands to copy files to a remote system. (Note, 
that order assumes you are transfering a reasonable large amount of data) 

Method 1 


$ tar cvf /tmp/files.tar /var/somefiles 
$ rep -p /tmp/files.tar otherside:/tmp/files.tar 
$ rsh otherside "tar xvf /tmp/files.tar" 

Method 2 


$ tar cf - /var/somefiles|rsh otherside "tar xvf 
Method 3 

$ tar cvf /tmp/files.tar /var/somefiles 
$ gzip /tmp/files.tar 

$ rep -p /tmp/files.tar.gz otherside:/tmp/files.tar.gz 
$ rsh otherside "gzip -d /tmp/files.tar.gz" 

$ rsh otherside "tar xvf /tmp/files.tar" 
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Method 4 


$ tar cvf /tmp/files.tar /var/somefiles 
$ gzip /tmp/files.tar 

$ rep -p /tmp/files.tar.gz otherside:/tmp/files.tar.gz 
$ rsh otherside "gzip -dc /tmp/files.tar.gz|tar xvf 
Method 5 

$ tar cf - /var/somefiles|gzip -c|rsh otherside "gzip -dc|tar xvf - 


SANTA CLAUS IS COMING TO TOWN 

in C-shell 

Author Unknown 
[sing] 


better !pout !cry 
better watchout 
telnet why 

santa claus cnorth pole >town 

cat/etc/passwd >list 
ncheck list 
ncheck list 

cat list | grep naughty > no_gift_list 
cat list I grep nice > gift_list 
santa claus <north pole >town 

who | grep sleeping 
who | awake 
who I egrep 'bad|good' 
for ( goodness sake) { 
be good 

} 
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After a hard dat at AUUG, 

Stephen Boucher (AUUG Treasurer) 
goes for the OSF approved food 
of choice. 


The new high-tech method 
for advertising web pages. 
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Enno Davids, Neil Murray, a camera and some guys orange shirt. 

Lucy (Stephen Spielberg) Chubb behind the camera, with 
Greg (God of USENIX) Rose in the chair of honour. 
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Membership 

Application 

Individual 



UNIX*AND OPEN SYSTEMS USERS 


To apply for AUUG membership, complete this form and return it with payment in Australian dollars to- 

REPLY PAID 66, AUUG MEMBERSHIP SECRETARY, 

P.O. BOX 366, KENSINGTON, NSW 2033, AUSTRALIA Tick this box it you wish your name 

Tel: +61 2 9361-5994 or 1 800 625 655 • Fax: +61 2 9332-4066 withhold from mailing lists mada 

available to vendors. 

* p * fhap * y ° <Jf P ulchasin 9 department will consider this form to be sn Invoke. Fore^n ^plc«its pH wt send a bank dr* 


□ 




, , Av.v.vr,vrrMV,v,v.wrrrrrw,wrw,vrrrMvrMWrr.w,wrrw/r.'i 


I iNDtviouAL on Student Membership: 


I Renewal/New membership of AUUG 
| Renewal/New Student membership 
1 International air mail 


. do hereby apply for: 


□ $90.00 

□ $ 25.00 (plsast comp 1st* cwtiicalion portion) 

□ $60.00 


/ agree that this membership will be subject to the 
rules and by-laws of AUUG as in force from time 
to time, and that this membership will run from 
time of joining/renewal until the end of the 
calendar or financial year. 


1 Total Remitted: 


AUD$ 


Sqnatw 


(Cbsqua, or money order, or cr«* art) 


Dais 


| Local Chapter Designate: 

You can participate in the activities of a local AUUG Chapter. Part of your fee will be given to the chapter to support those activities. By 
default a regional chapter will be selected for you. If you would rather nominate a chapter, please specify here 


| To Better Serve You, Please Print Your Contact Information: 


| Name/Contact:. 
| Position/Title: 

| Company: 

I Address: 


(indicate NONE for no chapter). 

Stuoent Member Certification: (*>b» computed by * member of &» 

Academic staff) 

_certify that 


(administrator) 


(name) 


Postcode 


(rvtiutvn) 

graduate approximately. 


Js a full time student at 
_and is expected to 


(dm) 


Tel: BH. 

Fax: BH. 

email address: 


.AH. 

AH 


Signatum 


Over for Institutional Membership 


rm 


Oats 


AVMrA'rrrAVMVA'WAv/MWAV/wwrrvWA'ww/rM'^ArAv.v.y/AV/A'wrr. 




Please charge $_to my 

□ Bankcard, □ Visa, □ Mastercard 

Account number:__ 

Expiry date:_ 

Name on card:___ 

Signature:_ 


AUUG Secretariat Use 


Chq: bank 

bsb 

a/c 

# 

Date: 

$ 

Initial: 


Date processed: 


Membership # 


AUUG Inc. as a user group, exists to provide UNIX® and open systems 
users with relevant and practical information, services, and education 
through cooperation among users. 











AUUG 


UNIX* AW0 OPEN SYSTEMS USERS 

To apply for AUUG membership, complete this form and return it with payment in Australian dollars to - 

REPLY PAID 66, AUUG MEMBERSHIP SECRETARY, 

P.O. BOX 366, KENSINGTON, NSW 2033, AUSTRALIA Oils bo* if you wi«h your name 

Tel: +61 2 9361-5994 or 1 800 625 655 • Fax: +61 2 9332-4066 m “ d * 

NOTE; Ptasw do not *wnd porctaiw ortaw - pwrhaps your purchasing depa/tmwnt wil ootadwr this form to bo an Invoice Forwwn *pdc«tt pw« Mod a bank draft 
drawn on an Australian bank. 


/Company N*n*) 

do hereby apply for: 

Renewal/New* Inst, membership ol AUUG 
Internationa] air mail 

Total Remitted 


□ $350.00 

□ $120.00 


(Ch*p4, money crdtr, rcrmHtcm) 


IfWa xym fat ta mambwirtp wi b* aibjsd to fa ruls* and by-tae* ol AUUG as in 
toros tan *m# to Irow, and fiat ft* msmbwthip w« run torn ima ol jotav**Mwd 
i/tfl fa «nd of fa calendar or tnanoai ysar. 

SAVs indsnand hat litos w* rscaivs two ccpis* ol fa AUUG nswdsttor, and may Mnd 
too rsprsssnofess to AUUG aponsorsd *«nts at msmbsr rats*. hough Ltow wil taw 
only on# veto in AUUG daemons, and otwr taots at rsqtirsd. 


INSTrTUTIONAL MEMBER DETAILS: 

To t» oomptotod by radii tonal msmbsrs orty. 


1 *t Rep,_ 

Position/Til le_ 

Address_ 

Bus. To4;_ 

a-mai Address _ 

Local Chapter Pref. 

2nd Rep,__ 

Position/Title_ 

Address_ 

Bus. Tel:_ 

e-mail address _ 

Local Chapter Pref. 


Bus. Fax: 


Bus. Fax: 


Following are our specified contacts. The primary contact holds the full member 
votinqrignts. The two designated reps wii also be given membership rates to 
AUUG activities including chapter activities. By default a regional chapter will 
be selected for you. If you would rather nominate a chapter, please specify in 
space provided (indicate NONE for no chapter)./****** 

Primary Contact_ I 

Position/Title __' 

Address * 


.(Rmm print d*Mfy<rf#4 


Postcode 


Bus. Tel:_ 

e-mai address _ 

Local Chapter Pref. 


Bus. Fax: 


Please charge $_ 
□ Bankcard, 
Account number:. 

Expiry date:_ 

Name on card:_ 

Signature:_ 


_to my 

□ Visa, 


□ Mastercard 




AUUG Secretariat Use 


: Chq: bank _ 

a/c_ 

Data: _ 

Initial: _ 

Date processed: _ 
Membership M _ 


AUUG Inc. as a user group, exists to provide UNIX® and open systems 
users with relevant and practical information, services, and education 
through cooperation among users. 
















Notification of 
Change 

You can help us! If you have changed your mailing address, 
phone, title, or any other contact information, please keep us 
updated. Complete the following information and either fax it to 
the AUUG Membership Secretary on (02) 9332-4066 or post it to: 

AUUG Membership Secretary 
P.0. Box 366 
Kensington, NSW 2033 
Australia 

(Please allow at least 4 weeks for the change of address to take effect..) 

□ The following changes are for my personal details, member #:_ 

O The following changes are for our Institutional Member, primary contact. 

□ The following changes are for our Institutional Member, representative 1. 

□ The following changes are for our Institutional Member, representative 2. 
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Please Print Your OLD Contact Information (or attach a mailing label): 

Please Print Your NEW Contact Information: 

Name/Contact: 


Name/Contact: 


Position/Title: 

Position/Titfe: 

Company: 

Company: 

Address: 

Address: 

Postcode 

Postcode 

Tel: BH 

AH 

Tel: BH 

AH 

Fax: BH 

AH 

Fax: BH 

AH 

email address: 

email address: 


AUUG Secretariat Use 


Date: _ 

Initial: _ 

Date processed: 
Membership # _ 










